[Shorewall-newbies] maclist setup

David Shepherd sdave at ufl.edu
Mon Mar 8 19:11:17 PST 2004

Thanks I will look at that, I did find a solution...I just added this to
the start file so that it runs to allow access to the address
which is eth0:

iptables -I eth1_mac -d -j ACCEPT

and eth0 doesn't have net access so they cannot get internet access...I
will look at that other how to though...Is there anything wrong with
what I did for a solution?

-----Original Message-----
From: shorewall-newbies-bounces at lists.shorewall.net
[mailto:shorewall-newbies-bounces at lists.shorewall.net] On Behalf Of Tom
Sent: Monday, March 08, 2004 10:04 PM
To: List for New Shorewall Users
Subject: Re: [Shorewall-newbies] maclist setup

On Mon, 8 Mar 2004, David Shepherd wrote:

> The web server isn't the issue, the setup to only restrict macs on
> and not eth0 is my problem..they are both connected to the same
> network..not in the same subnet though..

Every multi-interface HOWTO on the Shorewall site advises you about
connecting more than one network interface to the same HUB or Switch and
mentions that the workaround for the inevitable problems may be to set
'arp_filter' option on those interfaces in /etc/shorewall/interfaces.

Tom Eastep    \ Nothing is foolproof to a sufficiently talented fool
Shoreline,     \ http://shorewall.net
Washington USA  \ teastep at shorewall.net
Shorewall-newbies mailing list
Post: Shorewall-newbies at lists.shorewall.net
Support: http://www.shorewall.net/support.htm
FAQ: http://www.shorewall.net/FAQ.htm

More information about the Shorewall-newbies mailing list