LinuxQuestions.org
10-07-2004, 12:00 PM   #1
bhenry
LQ Newbie
 
Registered: Oct 2004
Distribution: It just depends on the need :)
Posts: 1

Rep: Reputation: 0
Question Need to filter devices out from a firewall by MAC address


I'm fairly new to firewalls, although I've a fair amount of experience on Linux. Anyway, here's what's going on -

The college I work for is installing a firewall between our LAN and our wireless access points. The wireless access points connect directly to a switch, which in turn will connect to the firewall, and the firewall to the internet. We want to allow any and all traffic through the NIC that connects to the LAN, but to get through the card that connects to the wireless network the MAC address of the NIC must be listed in our firewall as "trusted."

What I'm looking for is the best firewall for us to do this on Linux (currently using Fedora Core 2), and either links to good documentation on how to do what I'm wanting and/or someone who can provide me step-by-step directions on how to do this.

Any and all assistance would be greatly appreciated.

Brian
 
10-07-2004, 01:05 PM   #2
scottman
Member
 
Registered: Jul 2004
Location: USA
Distribution: Slackware, FreeBSD, LFS
Posts: 72

Rep: Reputation: 15
If you are familiar with bash scripts, a straight-up iptables script would be your best bet. Check out unSpawn's security references near the beginning of the security forum to get links for firewalls, iptables, etc.


Code:
# iptables binary used by the rules below
IPT=iptables

# Create a new chain for MAC filtering
$IPT -N INTERNET

# Send traffic coming in from your lan interface to the new chain
$IPT -A FORWARD -i <YOUR_LAN_INTERFACE_HERE> -j INTERNET

# Enter rules with allowed mac addresses
$IPT -A INTERNET -m mac --mac-source XX:XX:XX:XX:XX:XX -j RETURN
$IPT -A INTERNET -m mac --mac-source XX:XX:XX:XX:XX:XX -j RETURN
$IPT -A INTERNET -m mac --mac-source XX:XX:XX:XX:XX:XX -j RETURN
$IPT -A INTERNET -m mac --mac-source XX:XX:XX:XX:XX:XX -j RETURN

# Have a rule to drop all other computers attempting to access internet.
$IPT -A INTERNET -j DROP

I'm sorry if this is Greek or something to you; if you want any kind of clarification, let me know.
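
An added example, not part of scottman's post or the original thread: a POSIX shell function that generates the allow-list chain shown above from a list of trusted MACs, rejecting malformed entries and group (multicast/broadcast) addresses, which are never valid source MACs. The function name `gen_mac_rules`, the interface name `eth1` and the sample addresses are assumptions constructed for illustration.

```sh
#!/bin/sh
# Added example: build the MAC allow-list rules from a list of addresses.
# gen_mac_rules and the sample MACs are constructed, not from the thread.

IPT=iptables

# Reads MAC addresses on stdin (one per line, '#' starts a comment) and
# prints the iptables commands for the INTERNET chain. Nothing is executed,
# so the output can be reviewed before it is loaded.
# Returns 1 if any entry was rejected, 0 otherwise.
gen_mac_rules() {
    iface="$1"; bad=0; seen=" "
    echo "$IPT -N INTERNET"
    echo "$IPT -A FORWARD -i $iface -j INTERNET"
    while IFS= read -r line || [ -n "$line" ]; do
        line="${line%%#*}"                          # strip comments
        mac="$(echo "$line" | tr -d '[:space:]' | tr 'a-f' 'A-F')"
        [ -z "$mac" ] && continue
        if ! echo "$mac" | grep -Eq '^([0-9A-F]{2}:){5}[0-9A-F]{2}$'; then
            echo "rejected (bad format): $line" >&2; bad=1; continue
        fi
        # An odd first octet marks a group (multicast/broadcast) address.
        case "$mac" in
            ?[13579BDF]:*)
                echo "rejected (group address): $mac" >&2; bad=1; continue ;;
        esac
        case "$seen" in *" $mac "*) continue ;; esac   # skip duplicates
        seen="$seen$mac "
        echo "$IPT -A INTERNET -m mac --mac-source $mac -j RETURN"
    done
    # Anything not matched above is dropped.
    echo "$IPT -A INTERNET -j DROP"
    return "$bad"
}

# Constructed sample input: a duplicate, a lowercase entry, a broadcast
# address and a truncated address.
SAMPLE_MACS='00:11:22:33:44:55   # lab laptop
00:11:22:33:44:55
0a:1b:2c:3d:4e:5f
ff:ff:ff:ff:ff:ff
00:11:22:33:44'
```

Running `printf '%s\n' "$SAMPLE_MACS" | gen_mac_rules eth1` prints five commands (two allow rules between the chain setup and the final DROP) and reports the two rejected entries on stderr.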
 
10-07-2004, 03:20 PM   #3
Krugger
Member
 
Registered: Oct 2004
Posts: 229

Rep: Reputation: 30
Just want to remind you that MAC addresses are easy to spoof. So don't use the MAC to auth anyone. You can set your MAC with a simple ifconfig.
 
10-07-2004, 11:29 PM   #4
m4dj4ck
Member
 
Registered: Aug 2004
Location: the coven
Distribution: slackies
Posts: 55

Rep: Reputation: 15
Try to use the Shorewall firewall (http://www.shorewall.net). It has MAC address blocking functionality by adding the disallowed MAC into the blacklist.
 
  


All times are GMT -5.