Board index Linux Networking

using mac address instead of an IP address of hostname

using mac address instead of an IP address of hostname

Post by H.S. » Thu, 22 Nov 2007 10:41:41



Hi,

Can one make rules in iptables to allow outgoing connections based only
on destination mac addresses? I looked at the man page of iptables and
looks like that it can be used for incoming packets in some chains only.

thanks,
->HS

 
 
 
Top

using mac address instead of an IP address of hostname

Post by Bill Marcu » Thu, 22 Nov 2007 13:42:54



Quote:

> Hi,

> Can one make rules in iptables to allow outgoing connections based only
> on destination mac addresses? I looked at the man page of iptables and
> looks like that it can be used for incoming packets in some chains only.

Mac addresses exist only on local networks.  They aren't transmitted
over the internet.

 
 
 
Top

using mac address instead of an IP address of hostname

Post by H.S. » Thu, 22 Nov 2007 13:58:22




>> Hi,

>> Can one make rules in iptables to allow outgoing connections based only
>> on destination mac addresses? I looked at the man page of iptables and
>> looks like that it can be used for incoming packets in some chains only.

> Mac addresses exist only on local networks.  They aren't transmitted
> over the internet.

Yes, I was thinking the same thing after reading up on the material in
the last hour or so. Many thanks for the confirmation.

regards,
->HS

 
 
 
Top

using mac address instead of an IP address of hostname

Post by Pascal Hambour » Thu, 22 Nov 2007 18:07:46


Hello,

Bill Marcum a crit :


>>Can one make rules in iptables to allow outgoing connections based only
>>on destination mac addresses?

> Mac addresses exist only on local networks.  They aren't transmitted
> over the internet.

Besides, at the time an outgoing packet traverses iptables chains the
destination MAC address is not known yet (except when the chain in
called from the bridging firewall framework bridge-nf). However if the
output interface is a bridge, ebtables can be used to do filtering based
on the MAC addresses.
 
 
 
Top

1. WANTED: pingmac <IP ADDR> which returns <MAC ADDRESS of IP ADDRESS>

Hello!

I know this can be done by way of ping/arp at the solaris command line
or via a script, OR via system() calls.  Does anyone know of someone's
efforts to whip this up in an actual executable?  The goal of the
program is to work like this:


PINGMAC 137.204.192.19 (dilbert): MAC ADDRESS of dilbert is:
08:0e:10:02:12:1e


I know there are practical limitations like: MUST BE ON SAME SUBNET
and stuff like this.  BUT does anyone know of a pgm like this, or
might be able to point me somewhere that might?

Tx!

  -Scott

2. Documenting AIX,

3. IP Masquerading with IP Address and Mac Address Restrictions

4. Xfree disk space requrements

5. Hostname Instead of IP address

6. Port scans with decoy hosts

7. Binding a single IP Address to two different MAC addresses

8. Solstice Internet mail Server 2.0

9. Determining IP address from MAC address

10. MAC Address From IP Address

11. change MAC address can change IP address of a machine?

12. Resolving Hostnames/IP-Adresses from MAC-Address

13. how to convert mac address to ip address


All times are UTC
Board index