Need to filter devices out from a firewall by MAC address
I'm fairly new to firewalls, although I've a fair amount of experience on Linux. Anyway, here's what's going on -
The college I work for is installing a firewall between our LAN and our wireless access points. The wireless access points connect directly to a switch, which in turn will connect to the firewall, and the firewall to the internet. We want to allow any and all traffic through the NIC that connects to the LAN, but to get through the card that connects to the wireless network the MAC address of the NIC must be listed in our firewall as "trusted." What I'm looking for is the best firewall for us to do this on Linux (currently using Fedora Core 2), and either links to good documentation on how to do what I'm wanting and/or someone who can provide me step-by-step directions on how to do this. Any and all assistance would be greatly appreciated :) Brian
If you are familiar with bash scripts, a straight up iptables script would be your best bet. Check out unSpawn's security references near the beginning of the security forum to get links for firewalls and iptables etc.
Code:
# Create a new chain for mac filtering
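A sketch of the kind of iptables script suggested above, as an added example that is not part of the original post: it turns an allowlist of trusted MAC addresses into a dedicated chain applied only to traffic entering from the wireless side. The interface name `eth1`, the chain name `MACFILTER` and the sample addresses are assumptions; the script only prints the commands so they can be reviewed before being applied.

```bash
#!/bin/bash
# Added example. Assumptions (not from the thread): eth1 is the wireless-side
# NIC, the chain is named MACFILTER, and the sample MACs are constructed.
WIFI_IF="${WIFI_IF:-eth1}"
CHAIN="MACFILTER"

# Succeeds only if $1 is six colon-separated hex octets.
valid_mac() {
    printf '%s\n' "$1" | grep -Eq '^([0-9A-Fa-f]{2}:){5}[0-9A-Fa-f]{2}$'
}

# Reads an allowlist on stdin (one MAC per line, '#' comments allowed) and
# prints the iptables commands. Malformed entries go to stderr and are skipped.
gen_mac_rules() {
    echo "iptables -N $CHAIN"
    while IFS= read -r line; do
        mac="${line%%#*}"    # drop any trailing comment
        mac="$(printf '%s' "$mac" | tr -d '[:space:]' | tr 'a-f' 'A-F')"
        if [ -z "$mac" ]; then continue; fi
        if valid_mac "$mac"; then
            # Trusted MAC: return to FORWARD so later rules still apply.
            echo "iptables -A $CHAIN -m mac --mac-source $mac -j RETURN"
        else
            echo "skipping malformed entry: $line" >&2
        fi
    done
    # Default for the chain: unlisted MACs are dropped.
    echo "iptables -A $CHAIN -j DROP"
    # Only packets arriving on the wireless-side NIC are checked.
    echo "iptables -I FORWARD 1 -i $WIFI_IF -j $CHAIN"
}

# Constructed sample allowlist.
sample_list() {
cat <<'EOF'
# trusted wireless clients
00:11:22:33:44:55   # staff laptop
aa:bb:cc:dd:ee:ff
not-a-mac
EOF
}

# Print the rules for review; nothing is applied to the running firewall.
sample_list | gen_mac_rules
```

Because trusted addresses hit `RETURN` rather than `ACCEPT`, the rest of the FORWARD chain and its policy still decide what those clients may reach.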
Just want to remind you that MAC addresses are easy to spoof. So don't use the MAC to auth anyone. You can set your MAC with a simple ifconfig.
Try to use the Shorewall firewall (http://www.shorewall.net). It has MAC address blocking functionality by adding the disallowed MAC into the blacklist.