nixCraft
Linux / UNIX Tech Support Forum
IPtables MAC & IP rule for internet access
This is a discussion on IPtables MAC & IP rule for internet access within the Networking, Firewalls and Security forums, part of the Mastering Servers category; Hello there, this is what i use to match both IP and MAC to deny access. Code: iptables -A INPUT ...
|
|||||||
| Networking, Firewalls and Security No it's not a secret. Talk about firewalls and security issues. |
 |
|
|
LinkBack | Thread Tools | Display Modes |
13-07-2009, 12:33 PM
|
|||
|
|||
IPtables MAC & IP rule for internet access
Hello there,
this is what i use to match both IP and MAC to deny access. Code:
iptables -A INPUT -p tcp -s 192.168.1.200 -m mac --mac-source 00:0F:EA:91:04:08 -j DROP * I would like to have a different file including the Matching IP and MAC addresses. and would like my firewall to deny access to any other combination to access the internet. Q. what do i have to write in my firewall script. Q. Please give me an example what should be the file like which consists the IP+MAC combination Thanking you in advance, Tawfiq 
|
| Sponsored Links | ||
|
|
|
13-07-2009, 06:21 PM
|
||||
|
||||
|
Create two files ip.deny.txt:
Code:
192.168.1.2 192.168.2.5 202.54.1.0/24 Code:
00:0F:EA:91:04:08 00:0F:EA:91:04:03 Code:
#!/bin/bash IPDENY=/path/to/ip.deny.txt MACDENY=/path/to/mac.deny.txt for i in $IPDENY do iptables -A INPUT -p tcp -s $i -j DROP done for m in $MACDENY do iptables -A INPUT -p tcp -m mac --mac-source $m -j DROP done
__________________
Vivek Gite Linux Evangelist  Be proud RHEL user, and let the world know about your enterprise choices! Join RedHat user group. Always use CODE tags for posting system output and commands! Do you run a Linux? Let's face it, you need help
|
|
14-07-2009, 11:49 AM
|
|||
|
|||
|
Well.. something went wrong somewhere.
this is what i get when i run the script now, Code:
[root@gateway ~]# sh /root/scripts/firewall iptables v1.3.5: invalid mask `ip.deny.txt' specified Try `iptables -h' or 'iptables --help' for more information. iptables v1.3.5: Bad mac address `/root/scripts/mac.deny.txt' Try `iptables -h' or 'iptables --help' for more information. Code:
IPDENY=/root/scripts/ip.deny.txt MACDENY=/root/scripts/mac.deny.txt
|
|
| Tags |
| iptables , iptables block ips , iptables block mac address , linux firewall block ips |
«
ipTables rule to block a port for all internal IP Addresses except one
|
how to set load balancing??
»
Currently Active Users Viewing This Thread: 1 (0 members and 1 guests) |
|
| Thread Tools | |
| Display Modes | |
Linear Mode
|
|
|
||||
| Thread | Thread Starter | Forum | Replies | Last Post |
| How do I connect two computers together to access the Internet? | ibolah | Computer Networking and Internet/broadband | 3 | 14-10-2009 10:31 AM |
| IPtables - IP & MAC combined rule to define internet access | Tawfiq | Networking, Firewalls and Security | 2 | 11-08-2009 11:04 PM |
| [Solved] ipTables rule to block a port for all internal IP Addresses except one | pranaysharmadelhi | Networking, Firewalls and Security | 2 | 14-07-2009 09:49 PM |
| Iptables Two ISP Load Balancing Internet Connection | please | Networking, Firewalls and Security | 2 | 23-06-2009 11:25 AM |
| unable to access ftp server via Internet explorer | satishap | Web servers | 1 | 14-09-2008 09:26 PM |
All times are GMT +5.5. The time now is 01:16 PM.
