how to use iptables -m mac --mac-source
Does anyone know how to:
use iptables -m mac --mac-source [MAC] to allow through any approved MACs with a policy of drop for anyone else? Thanks! |
Hi welcome to linuxquestions.
You basically posted the rule that you'd need. Something like: iptables -A INPUT -m mac --mac-source XX:XX:XX:XX:XX:XX -j ACCEPT Though spoofing a MAC address in linux is pretty trivial, so you should be very cautious about relying too heavily on hardware MAC addresses as a sole means of making firewalling decisions. At the very least, you should still restrict access only to necessary ports |
So your saying that as soon as I start using the "iptables -A INPUT -m mac --mac-source XX:XX:XX:XX:XX:XX -j ACCEPT" rule that is automaticaly drops all other MACs?
Thanks for your prompt response! |
Quote:
Code:
iptables -P INPUT DROP or Code:
iptables -A INPUT -m mac --mac-source XX:XX:XX:XX:XX:XX -j ACCEPT |
All times are GMT -5. The time now is 08:29 PM. |