水曜日, 8月 02, 2006

iptables と MAC ADDR

MAC ADDRESSをブロックをしたい技術はiptablesで出来ましたよ。例え:

iptables -A FORWARD -m state -state NEW -m mac -mac-source 00:C7:8F:72:14 -j ACCEPT


この件のURLは↓
http://www.hackdiary.com/archives/000012.html
http://involution.com/iptables_demo/
http://www.cyberciti.biz/nixcraft/vivek/blogger/2005/12/iptables-mac-address-filtering.php

DROP
Drop all connection coming from mac address 00:0F:EA:91:04:08 (add command to your firewall script)
iptables -A INPUT -m mac --mac-source 00:0F:EA:91:04:08 -j DROP

ALLOW
With mac addressAllow port 22 for mac address 00:0F:EA:91:04:07
iptables -A INPUT -p tcp --destination-port 22 -m mac --mac-source00:0F:EA:91:04:07 -j ACCEPT

0 件のコメント:

コメントを投稿