View Full Version : Firewall Config ?
29th November 2006, 05:03 PM
How do I setup the firewall on FC5 to only allow three NIC MAC addresses through ?
29th November 2006, 05:25 PM
you can set a firewall to block all ips except those three but im fairly sure no firewall will go so far as to check mac addresses since its beyond its purpose and most OS's allow you to manually enter whatever mac address you want sent.
29th November 2006, 08:43 PM
Draper is right Xavior. MAC addys are pretty easy to spoof these days.
But, look at your OSI model again:
Firewalls are traditionaly a layer 3/4 device
MAC addys are a layer 2 component
Wrong tool for the job - least in an old school, traditional perspective. BUT, thanks to the guys at the netfilter project, Linux isn't limited to narrow, old fashioned world views <g>
With iptables, you can set a MAC filter in netfilter:
$IPTABLES -A INPUT -m mac --mac-source ! 08:00:46:99:CB:96 -j REJECT (or DROP if you want to be rude about it all)
where 08:00:46:99:CB:96 is a MAC addy you want to allow through.
Lather, rinse and repeat for all desired MAC addys.
30th November 2006, 04:25 PM
Thanks guys, I'll look into it..
I always thought it was easier to spoof an IP rather than a MAC addr...
Sygate allows you to specify MAC addrs, because of that..
vBulletin® v3.8.7, Copyright ©2000-2013, vBulletin Solutions, Inc.