LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - Networking (https://www.linuxquestions.org/questions/linux-networking-3/)
-   -   MAC Address + IPTABLES (https://www.linuxquestions.org/questions/linux-networking-3/mac-address-iptables-180073/)

yvesg 05-10-2004 04:45 PM
MAC Address + IPTABLES
 
How-To allow traffic by using a MAC address and IPTABLES ?

I've found that I need to use -m MAC --mac-source xx:xx:xx:xx:xx:xx

But this doesn't seem to work for me.

I want to forward incoming traffic from the internet (at port 3389) to an internal pc on my network (at port 3389 also) but only my Laptop's MAC address is allowed to connect to that port.

I've used this command:

${IPTABLES} -t nat -A PREROUTING -i eth0 -p tcp --dport 3389 -j DNAT --to-destination 10.0.0.2:3389 -m mac --mac-source xx:xx:xx:xx:xx
${IPTABLES} -A FORWARD -p tcp -i eth0 -d 10.0.0.2 --dport 3389 -j ACCEPT

Without the -m mac specified, it works.

(This way even I can't connect to the port, security is to thight :) )

RHELL 05-10-2004 08:36 PM
You will not see the MAC address of a host connected across the internet, only those on the same LAN as you.


All times are GMT -5. The time now is 08:03 PM.