>> i would like to do using FORWARD
>> example
>>
>> iptables -A FORWARD -s -m ! 00:0F:EA:91:04:08 -d 0.0.0.0/0 -p tcp
>> --dport
>> 3128 -j DROP
>>
>> i want to set this rule to avoid the computer being cloned
>> i think using mac & iptables i can solve this rigth ?
>
> What do you mean by "clone
i would like to do using FORWARD
example
iptables -A FORWARD -s -m ! 00:0F:EA:91:04:08 -d 0.0.0.0/0 -p tcp --dport
3128 -j DROP
i want to set this rule to avoid the computer being cloned
i think using mac & iptables i can solve this rigth ?
What do you mean by "cloned". It is trivial to spoof
В сообщении от Пятница 09 июня 2006 08:50 Luis написал(a):
> hi there
>
> i m setting some new rules in my firewall and i would like to know if ifs
> dooable
> the next thing
>
> example iptables -a ! computermac-addrees -d anynetwork -j DROP
>
>
> IS THAT doable?
iptables by mac is it ebtables
apt
> iptables -A INPUT -m mac --mac-source 00:0F:EA:91:04:08 -j DROP
i would like to do using FORWARD
example
iptables -A FORWARD -s -m ! 00:0F:EA:91:04:08 -d 0.0.0.0/0 -p tcp --dport
3128 -j DROP
0.0.0.0/ 0 means any network on port 3128
cose im having trouble with cloning computers here
:)
i
On 2006-06-09 Luis wrote:
> i m setting some new rules in my firewall and i would like to know if
> ifs dooable the next thing
>
> example iptables -a ! computermac-addrees -d anynetwork -j DROP
>
> IS THAT doable?
iptables -m mac --help
Regards
Ansgar Wiechers
--
"If a software developer ever
Yes.
http://www.netfilter.org/documentation/HOWTO//packet-filtering-HOWTO-7.html#ss7.3
Scroll down to the section "Other Match Extensions" where you will
find the mac match. Here's an example usage like you descibe
iptables -A -m mac --mac-source ! -j DROP
Since you are either allowing it or
В Птн, 09/06/2006 в 08:38 +0100, Rene Mayrhofer пишет:
> Am Friday 09 June 2006 08:29 schrieb Покотиленко Костик:
> > This problem now solved using only iptables rules. If anybody interested
> > in details let me know.
> Yes, please share your solution - it will certainly be interesting to at
> le
hi there
i m setting some new rules in my firewall and i would like to know if ifs
dooable
the next thing
example iptables -a ! computermac-addrees -d anynetwork -j DROP
IS THAT doable?
-
Luis A. Rondon Paz
L I N
Am Friday 09 June 2006 08:29 schrieb Покотиленко Костик:
> This problem now solved using only iptables rules. If anybody interested
> in details let me know.
Yes, please share your solution - it will certainly be interesting to at least
a few people and is always good to have in the archives.
wit
В Чтв, 01/06/2006 в 00:44 +0300, Покотиленко Костик пишет:
> Hi again,
>
> Another problem. I have set up a firewall rules to have my router DNAT
> some destination IPs and Ports to another. There are also some scripts
> used when the client is authorized (connected with authorization
> software)
10 matches
Mail list logo