thr3ads.net - Shorewall users - [Shorewall-users] MACLIST -> one more time ... :( [Dec 2002]

If this information is useful, please help other people find it:
Share via:

Maciek Kurkiewicz

2002-Dec-12 22:02 UTC

[Shorewall-users] MACLIST -> one more time ... :(

> Yes -- just leave the setting of MACLIST_DISPOSITION=REJECT and any
request> from interfaces with the ''maclist'' option will be
rejected if there isn''t
a> match found in the maclist file.
I have wrote some IP''s and MAC''s from my network, for example
:
#INTERFACE              MAC                     IP ADDRESSES (Optional)

                00-E0-7D-BA-8C-C5               192.168.1.6,192.168.1.11
                00-09-2C-30-02-AD               192.168.1.7
                00-30-4F-1B-9D-D8               192.168.1.73

My Client IP is 192.168.1.6, I have done shorewall restart and I have
changed my IP from 192.168.1.6 to 192.168.1.106. And I have already internet
and I can log to the serwer. I should write that I have update my shorewall
from 1.3.7, and rename file shorewall.confnew on shorewall.conf so I have
all new rules like MACLIST_DISPOSITION=REJECT. So why it is not working, why
I still have net ? Why I am not rejected ? Please help me

Maciek

P.S. Sory for posting not on list mail ...





--
----
Oferta jakiej jeszcze nie by³o!
Serwer www 60 MB za 99 z³ rocznie
Szczegó³y: www.oferta.alpha.pl
----

Tom Eastep

2002-Dec-12 22:05 UTC

head link

[Shorewall-users] MACLIST -> one more time ... :(

--On Thursday, December 12, 2002 11:02:22 PM +0100 Maciek Kurkiewicz 
<maciek@alpha.net.pl> wrote:
> I have wrote some IP''s and MAC''s from my network, for
example :
># INTERFACE              MAC                     IP ADDRESSES (Optional)
>
>                 00-E0-7D-BA-8C-C5               192.168.1.6,192.168.1.11
>                 00-09-2C-30-02-AD               192.168.1.7
>                 00-30-4F-1B-9D-D8               192.168.1.73
>
> My Client IP is 192.168.1.6, I have done shorewall restart and I have
> changed my IP from 192.168.1.6 to 192.168.1.106. And I have already
> internet and I can log to the serwer. I should write that I have update
> my shorewall from 1.3.7, and rename file shorewall.confnew on
> shorewall.conf so I have all new rules like MACLIST_DISPOSITION=REJECT.
> So why it is not working, why I still have net ? Why I am not rejected ?
> Please help me
>
Do you have the ''maclist'' option specified for the interface
to 192.168.1.*
in /etc/shorewall/interfaces?

-Tom
--
Tom Eastep   \ Shorewall - iptables made easy
Shoreline,    \ http://shorewall.sf.net
Washington USA \ teastep@shorewall.net

Seemingly Similar Threads

Search for more seemingly similar threads

Shorewall users - Dec 2002 - MACLIST -> one more time ... :(

[Shorewall-users] MACLIST -> one more time ... :(

[Shorewall-users] MACLIST -> one more time ... :(

Seemingly Similar Threads