I wouldn't think this would do you much good.  By definition a MAC address will be of the machine that sent the packet on the LAST HOP, and not the ultimate sender in a routed environment.  Only the IP will show the original source.  You should have a pretty good grasp of which internal IPs are which machines, and can coordinate with DHCP if necessary to find out what machine had an IP at a particular time.  On the external side, even if you could log MAC address, it would only show you the MAC of your next hop router which isn't too useful really.
-----Original Message-----
From: jeremy [mailto:[EMAIL PROTECTED]]
Sent: Friday, January 19, 2001 4:13 PM
To: [EMAIL PROTECTED]
Subject: how to log mac address in Ipchains

Hi all,
 
    I was wondering how one could log mac addresses with ipchains.  Lets say that we had
 
ipchains -A input -l -s *.*.*.8 -d $1 0/0 -j DENY
 
how in there can i add to log the mac address that requested it?
 
Thanks
 

Reply via email to