Saturday, August 18, 2007

iptables dengan MAC address

Senario :

Nak allow port 80 dan proxy pada port 3128
mac address = 09:0A:EF:91:04:05
eth1 = LAN Interface
ip LAN = 192.168.100.0/24

DROP dulu semua chain INPUT
iptables -P INPUT DROP

Buka chain OUTPUT
iptables -P OUTPUT ACCEPT

DROP connection ke port 80 dan 3128
iptables -A INPUT -p tcp -i eth1 -s 192.168.100.0/24 -d 0/0 --dport 80 -j DROP
iptables -A INPUT -p tcp -i eth1 -s 192.168.100.0/24 -d 0/0 --dport 3128 -j DROP

masukkan rule
iptables -A INPUT -p tcp -i eth1 --destination-port 80 -m mac --mac-source 00:0A:EF:91:04:05 -j ACCEPT

iptables -A INPUT -p tcp -i eth1 --destination-port 3128 -m mac --mac-source 00:0A:EF:91:04:05 -j ACCEPT

ok itu saja.. lakukan untuk mac address lain
at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)

 Simple Python Calculator This script will allows your to calculate the integers given with the chosen operation. You can add, substract, mu...