I have a DSL account with changing IP addresses, so I want to use the MAC filtering for allowing access only to my MAC address.
I want to block access to 3306 mysql on the server for all except myself:
NOTE: I don't want to block everything as a rule.
Code:
iptables -A INPUT -p tcp --destination-port 3306 -j DROP
iptables -I INPUT -i eth0 -p tcp --destination-port 3306 -m mac --mac-source 00:30:1b:bd:76:c8 -j ACCEPT
iptables -L -v output on the server:
Chain INPUT (policy ACCEPT)
target prot opt source destination
ACCEPT tcp -- anywhere anywhere tcp dpt:mysql MAC 00:30:1B:BD:76:C8
DROP tcp -- anywhere anywhere tcp dpt:mysql
Chain FORWARD (policy ACCEPT)
target prot opt source destination
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
But access to mysql fails now (it worked before without iptables rules):
xxxx@ubuntu:/usr/local/shellscripte/scripts$ mysql -h xxxxxx -u root
ERROR 2003 (HY000): Can't connect to MySQL server on 'xxxxxx' (110)
Any ideas what is wrong, or alternative ways of achieving this?

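Added example, not part of the original post: a small Python model of first-match evaluation over the INPUT chain listed above, showing which rule a port-3306 packet hits depending on the source MAC the server actually receives. It assumes the client reaches the server through at least one router; GATEWAY_MAC and both packets are constructed values.

```python
# Added illustration, not from the post: first-match evaluation of its INPUT chain.
from dataclasses import dataclass
from typing import Optional

CLIENT_MAC = "00:30:1b:bd:76:c8"   # from the post
GATEWAY_MAC = "02:00:00:00:00:01"  # constructed: MAC of the server's last-hop router

@dataclass
class Packet:
    in_iface: str
    proto: str
    dport: int
    eth_src: str  # source MAC of the Ethernet frame as received by the server

@dataclass
class Rule:
    target: str
    proto: Optional[str] = None
    dport: Optional[int] = None
    in_iface: Optional[str] = None
    mac_source: Optional[str] = None

    def matches(self, pkt: Packet) -> bool:
        # Unset conditions match anything; every set condition must hold.
        checks = [(self.proto, pkt.proto), (self.dport, pkt.dport), (self.in_iface, pkt.in_iface)]
        if any(want is not None and want != got for want, got in checks):
            return False
        return self.mac_source is None or self.mac_source.lower() == pkt.eth_src.lower()

def verdict(chain, pkt, policy="ACCEPT"):
    """Target of the first matching rule, otherwise the chain policy."""
    for rule in chain:
        if rule.matches(pkt):
            return rule.target
    return policy

# Order as listed by iptables -L in the post: -I placed ACCEPT above the appended DROP.
INPUT = [
    Rule("ACCEPT", proto="tcp", dport=3306, in_iface="eth0", mac_source=CLIENT_MAC),
    Rule("DROP", proto="tcp", dport=3306),
]

# Same Ethernet segment: the frame still carries the client's own MAC.
on_lan = Packet("eth0", "tcp", 3306, CLIENT_MAC)
# Routed path (assumed): the last-hop router builds a new frame with its own MAC.
routed = Packet("eth0", "tcp", 3306, GATEWAY_MAC)

if __name__ == "__main__":
    for name, pkt in (("on_lan", on_lan), ("routed", routed)):
        print(name, pkt.eth_src, "->", verdict(INPUT, pkt))
```

The mac match compares the Ethernet source address of the received frame, so a routed packet carries the last-hop router's MAC, skips the ACCEPT rule and falls through to DROP, which a client sees as a connection timeout.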