LinuxQuestions.org - by using iptables block mac address to restric user to access internet

- Linux - Networking (https://www.linuxquestions.org/questions/linux-networking-3/)

- - by using iptables block mac address to restric user to access internet (https://www.linuxquestions.org/questions/linux-networking-3/by-using-iptables-block-mac-address-to-restric-user-to-access-internet-489144/)

Farrukh Fida

10-03-2006 04:51 PM

by using iptables block mac address to restric user to access internet

I want to know how to block a user to get access internet, by blocking their MAC address. I used 1 configuration the resulat is that client are no longer to ping the gateway but still get access to internet.

My config.

iptables -A INPUT -m mac --mac-source 00:0B:DB:45:56:42 -j DROP

Please help me

jaz_comp

10-04-2006 04:26 PM

Hi,

Try this i hope it will work.

iptables -A INPUT -p tcp -m mac --mac-source 00:0BB:45:56:42 -j DROP

if you have any proxy server then

iptables -A INPUT -m -p (port number) -d (proxy server ip)mac --mac-source 00:0BB:45:56:42 -j DROP

Thanks & Regards

jaz_comp

Hangdog42

10-04-2006 04:30 PM

And just so you know, MAC addresses are trivial to spoof, so this may not do the trick if the users has any knowledge. It is also possible depending on what hardware is between you and the computer you're trying to block, the MAC address may have been changed.

fotoguy

10-09-2006 07:59 AM

Block access to the internet you need to use the FORWARD chain not the INPUT chain try:

Code:

iptables -A FORWARD -p tcp -m mac --mac-source 00:0BB:45:56:42 -j DROP

All times are GMT -5. The time now is 11:07 PM.