Yes.
http://www.netfilter.org/documentation/HOWTO//packet-filtering-HOWTO-7.html#ss7.3
Scroll down to the section "Other Match Extensions" where you will
find the mac match. Here's an example usage like you descibe
iptables -A <chain> -m mac --mac-source ! <mac address> -j DROP
Since you are either allowing it or not to all networks, you don't
need the destination set. From the looks of it, you are only concerned
about the mac address.
Regards,
Daniel
On 6/9/06, Luis <[EMAIL PROTECTED]> wrote:
hi there
i m setting some new rules in my firewall and i would like to know if ifs
dooable
the next thing
example iptables -a ! computermac-addrees -d anynetwork -j DROP
IS THAT doable?
-------------------------------------------------
Luis A. Rondon Paz
L I N U X .~. Admin intranet CNT
The Choice /V\ icq #132736035
of a GNU /( )\ [EMAIL PROTECTED]
Generation ^^-^^ Santiago de cuba
UONET
-------------------------------------------------
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
