[Firewall] Firewall Digest, Vol 39, Issue 12

thejunk.b at gmail.com thejunk.b at gmail.com
Sun Mar 15 03:40:03 CET 2009


On Saturday 14 March 2009, firewall-request at rocky.eld.leidenuniv.nl wrote:
> Send Firewall mailing list submissions to
> 	firewall at rocky.eld.leidenuniv.nl
>
> To subscribe or unsubscribe via the World Wide Web, visit
> 	http://rocky.eld.leidenuniv.nl/mailman/listinfo/firewall
> or, via email, send a message with subject or body 'help' to
> 	firewall-request at rocky.eld.leidenuniv.nl
>
> You can reach the person managing the list at
> 	firewall-owner at rocky.eld.leidenuniv.nl
>
> When replying, please edit your Subject line so it is more specific
> than "Re: Contents of Firewall digest..."
>
>
> Today's Topics:
>
>    1. mac filter problems (Rene Koka)
>
>
> ----------------------------------------------------------------------
>
> Message: 1
> Date: Fri, 13 Mar 2009 20:39:44 +0200
> From: Rene Koka <kentaur at tsentraal.ee>
> Subject: [Firewall] mac filter problems
> To: firewall at rocky.eld.leidenuniv.nl
> Message-ID: <49BAA870.30300 at tsentraal.ee>
> Content-Type: text/plain; charset=ISO-8859-1; format=flowed
>
> Hi
>
> I'm troubled with the mac address filter plugin:
> Arno's Iptables Firewall Script v1.9.0b
> ...
> Checking for (user) plugins in
> /usr/local/share/arno-iptables-firewall/plugins...
> MAC Address Filter plugin v1.0
> Using interface(s): eth0
> (Re)loading allowed internal MAC addresses from /etc/ethers: iptables
> v1.4.2: Bad mac address `00:14:bf:26:2d:de
> 00:90:f5:5e:7e:2c
> 00:10:b5:6f:92:18
> ...
> 00:13:77:5a:59:61
> 00:15:c5:80:9b:5c'
> Try `iptables -h' or 'iptables --help' for more information.
> 1 loaded
>
> /etc/ethers
> 00:14:bf:26:2d:de 10.0.1.3
> 00:90:f5:5e:7e:2c 10.0.1.4
> 00:10:b5:6f:92:18 10.0.1.5
> 00:1c:25:ba:c4:bb 10.0.1.6
> ...
>
> Also there is a sentence which needs to be changed in the
> /etc/arno-iptables-firewall/mac-address-filter.conf
>
> # Specify here the port(s) you want to SSH checks to apply to
> #
> ---------------------------------------------------------------------------
>--- MAC_ADDRESS_IF="eth0"
>
>
>
>
> ------------------------------
>
> _______________________________________________
> Firewall mailing list
> Firewall at rocky.eld.leidenuniv.nl
> http://rocky.eld.leidenuniv.nl/mailman/listinfo/firewall
>
>
> End of Firewall Digest, Vol 39, Issue 12
> ****************************************

When I set mine up I had some questions about putting ip's in with the mac's 
and I couldn't find any info about it one way or the other.  I see that you 
didn't comment the ip's out with # before the ip.  I did and that seams to 
have worked for me.  So try commenting them out and see if that fixes it for 
you.

-- 
if it ain't broke tweak it


More information about the Firewall mailing list