Quote:
Originally Posted by dellthinker
Hi all. Does anyone know how i would go about filtering MAC addys with debian? Maybe a firewall or something? Im using a firewall on the machine but i dont think it offered mac filtering. I read this post here but i looks like that person was using iptables. But it seems like he's talking about filtering out every service on the machine, im just trying to filter mac addresses of certain services, sort of like hosts.allow type. Any suggestions?
|
what firewall are you using?? it would be really strange (but not impossible) if it isn't some type of front-end to iptables... using mac address filtering in iptables to block access to only certain services is basically just a matter of adding a couple matches to a typical iptables rule...
instead of filtering all packets from the MAC, like:
Code:
iptables -I INPUT -m mac ---mac-source xx:xx:xx:xx:xx:xx -j DROP
you'd specify what you don't want them to use (for example HTTP):
Code:
iptables -I INPUT -p TCP --dport 80 \
-m mac ---mac-source xx:xx:xx:xx:xx:xx -j DROP