Hi,
> ---------cut
> -A INPUT -s 1.2.3.4 -m mac --mac !01:02:03:04:05:06 -j DROP
> COMMIT
> # Completed on Wed Apr 10 03:51:31 2002
> root@firewall:~# iptables-restore < asd
> iptables-restore v1.2.6a: Bad mac address `!01:02:03:04:05:06'
> Try `iptables-restore -h' or 'iptables-restore --help' for more information.
> ---------cut
Patch attached (ipv4 and ipv6, too)
Regards,
kisza
--
Andras Kis-Szabo Security Development, Design and Audit
-------------------------/ Zorp, NetFilter and IPv6
[EMAIL PROTECTED] /---------------------------------------------->
diff -urN netfilter-old/userspace/extensions/libip6t_mac.c netfilter/userspace/extensions/libip6t_mac.c
--- netfilter-old/userspace/extensions/libip6t_mac.c Wed Apr 10 17:34:38 2002
+++ netfilter/userspace/extensions/libip6t_mac.c Wed Apr 10 17:35:56 2002
@@ -90,7 +90,7 @@
{
unsigned int i;
- printf("%s%02X", invert ? "!" : "", macaddress[0]);
+ printf("%s %02X", invert ? "!" : "", macaddress[0]);
for (i = 1; i < ETH_ALEN; i++)
printf(":%02X", macaddress[i]);
printf(" ");
diff -urN netfilter-old/userspace/extensions/libipt_mac.c netfilter/userspace/extensions/libipt_mac.c
--- netfilter-old/userspace/extensions/libipt_mac.c Wed Apr 10 17:34:39 2002
+++ netfilter/userspace/extensions/libipt_mac.c Wed Apr 10 17:35:24 2002
@@ -90,7 +90,7 @@
{
unsigned int i;
- printf("%s%02X", invert ? "!" : "", macaddress[0]);
+ printf("%s %02X", invert ? "!" : "", macaddress[0]);
for (i = 1; i < ETH_ALEN; i++)
printf(":%02X", macaddress[i]);
printf(" ");
