LinuxQuestions.org
Visit Jeremy's Blog.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Networking
User Name
Password
Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.

Notices


Reply
  Search this Thread
Old 12-06-2011, 10:15 AM   #1
s3frank
LQ Newbie
 
Registered: Dec 2011
Posts: 1

Rep: Reputation: Disabled
IPtables and MAC filtering


Hi all,

I'm fairly new to networking in Linux so please be gentle. I have the following setup in terms of network:

Private lan on 192.168.10.xxx
My all in one wifi router controls this and has an ADSL modem to give it the link to the world. I also have a VPN service in the US that I use to be able to watch stuff that is limited to US only from my home in Singapore.
This VPN is activated on the same router running dd-wrt firmware using the PPTP client that is built in.

I have a Sonos system connected to this which I want to use with Pandora like services.

What I want to do is be able to insert some rules that will do enable the following two things:
1) When sonos MAC packets arrive with destination local network just allow it to flow to the default course of internal 192.168.10.xxx
2) When sonos MAC packets arrive with any other destination push it through the VPN tunnel named ppp0.

How can I make this happen?
 
Old 12-06-2011, 10:45 AM   #2
serafean
Member
 
Registered: Mar 2006
Location: Czech Republic
Distribution: Gentoo, Chakra
Posts: 997
Blog Entries: 15

Rep: Reputation: 136Reputation: 136
Hi,

to filter by MAC address, you should use the iptables mac extension :
Quote:
mac
[!] --mac-source address
Match source MAC address. It must be of the form XX:XX:XX:XX:XX:XX. Note that this only makes sense for packets coming from an Ethernet device and entering the PREROUTING,
FORWARD or INPUT chains.
the rule might look something like this :
Code:
iptables -A FORWARD -m mac --mac-source $SONOS_MAC ! -d 192.168.10.0/24 -o ppp0
this adds a chain (rule) in the forward table that checks the mac address and the destination address for the tcp protocol for a not match (the ! ) and sends it to ppp0.

You will of course need to configure your routing tables properly for this setup. (route command)

Serafean
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
IPTABLES Mac filtering hertzzmang Linux - Networking 1 09-27-2009 07:08 AM
iptables filtering by MAC address bigsmile Linux - Networking 2 09-27-2008 06:51 PM
iptables + mac address filtering Roko Linux - Networking 1 09-10-2008 07:38 AM
iptables mac filtering Ventrix Linux - Security 1 11-21-2007 07:29 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - Networking

All times are GMT -5. The time now is 12:57 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration