[Shorewall-users] Rules by Mac Address

Tom Eastep teastep at shorewall.net
Wed Sep 1 08:29:29 PDT 2004


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Tom Eastep wrote:
| mynullvoid wrote:
| | Hi,
| |
| | I am using Shorewall in Adamantix. At the moment everything flow fine,
| my question is that how can I filter the access by computer mac address,
| I had read the documentation maybe I am 'stupid enough to spot the
| guide, if so please show me'.
| |
| | What is the rules line if I want to
| | 1. limit ~01-01-01-01-01-01,~02-02-02-02-02-02,~03-03-03-03-03-03-03
| to access 202.202.202.202 only
| | 2. others can access port 80,445,25
| |
| | ACCEPT loc:~01-01-01-01-01-01,~02-02-02-02-02-02,~03-03-03-03-03-03-03
| 202.202.202.202 tcp
| | ACCEPT loc net - 80,445,25
| |
|
| ACCEPT loc:~01-01-01-01-01-01,~02-02-02-02-02-02,~03-03-03-03-03-03-03 \
|     net:202.202.202.202 all
| REJECT loc:~01-01-01-01-01-01,~02-02-02-02-02-02,~03-03-03-03-03-03-03 \
|     net             all
| ACCEPT    loc    net         tcp    80,445,25
|

BTW -- I suspect you want TCP port 443 (https) rather than 445
(microsoft-ds).

- -Tom
- --
Tom Eastep    \ Nothing is foolproof to a sufficiently talented fool
Shoreline,     \ http://shorewall.net
Washington USA  \ teastep at shorewall.net
PGP Public Key   \ https://lists.shorewall.net/teastep.pgp.key
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFBNerZO/MAbZfjDLIRApPrAJ9RtVCkrmvlTOH4TmLKIgLOw2B+jgCgtaCk
xJY/OMSF1ov9IjxVeGVFvyY=
=GTf2
-----END PGP SIGNATURE-----


More information about the Shorewall-users mailing list