I would like to do this using FORWARD.
Example:

iptables -A FORWARD -s -m ! 00:0F:EA:91:04:08 -d 0.0.0.0/0 -p tcp --dport 3128 -j DROP

I want to set this rule to avoid the computer being cloned.
I think using MAC & iptables I can solve this, right?

What do you mean by "cloned"? It is trivial to spoof a MAC address.
Also, the MAC address only matters per network segment, so this would
only be useful when used for something that is behind your firewall
being permitted out, or something that is directly on the external
side of your firewall coming in. MAC addresses become completely
irrelevant once traffic passes through a router.

As for your syntax, that looks correct.

~Daniel
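
An added example, not part of the original thread: a small generator that writes the rule from the question with the mac match's --mac-source option, one rule per IP/MAC pair. The 192.0.2.x source addresses and the function names are constructed for illustration; the MAC and port 3128 are the ones from the post. The match only sees the MAC of hosts on a segment directly attached to the firewall.

```shell
#!/bin/sh
# Added example: emit iptables rules that pin a source IP to one MAC address.
# 192.0.2.0/24 is a documentation range; these IPs are constructed samples.

# Print one DROP rule per "ip mac" pair read from stdin.
# Blank lines and '#' comments are skipped; pairs that fail the shape
# checks are reported on stderr and produce no rule.
mac_bind_rules() {
    port=$1
    while read -r ip mac _; do
        case $ip in ''|'#'*) continue ;; esac
        # MAC must be six colon-separated hex octets.
        if ! printf '%s\n' "$mac" | grep -Eq '^([0-9A-Fa-f]{2}:){5}[0-9A-Fa-f]{2}$'; then
            echo "skipping $ip: bad MAC '$mac'" >&2
            continue
        fi
        # IPv4 dotted quad, shape check only.
        if ! printf '%s\n' "$ip" | grep -Eq '^([0-9]{1,3}\.){3}[0-9]{1,3}$'; then
            echo "skipping bad IP '$ip'" >&2
            continue
        fi
        # Drop proxy-port traffic that claims this IP but arrives from another MAC.
        printf 'iptables -A FORWARD -s %s -m mac ! --mac-source %s -p tcp --dport %s -j DROP\n' \
            "$ip" "$mac" "$port"
    done
}

# Constructed sample table: one valid binding, one truncated MAC.
sample_bindings() {
    cat <<'EOF'
# ip          mac
192.0.2.10    00:0F:EA:91:04:08
192.0.2.11    00:0F:EA:91:04
EOF
}

# Prints the rules for review; pipe the output to sh as root to apply them.
sample_bindings | mac_bind_rules 3128
```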

