> Hi,
>
> I work in Sao Paulo, Brazil, in a ISP, and in our site we have a Linux
> Server (Conectiva Linux - A Brazilian version of Red Hat Linux). We need
> to limit the packet input in this Server based on the source MAC Address
> of the packet. Unfortunately, we have no way to filter the packets based
> in the source IP Address :(. We need a MAC Address filter, where only
> the MAC''s in a Access List can access the services on this Linux
server.
> Is there a Linux feature, or a software, or anyone that knows the Linux
> Kernel and can give us some tips on how to develop that kind of filter?
This is way off topic, (redhat list for their ssl web server product =) but
I''ll
answer it anyways. First off you''ll only see MAC addresses on the local
LAN, so
like if this is a university lab or something fine, if it''s an internet
server
it won''t work.
This question and a related one are answered in our ask Buffy column:
http://www.securityportal.com/buffy/buffy20000831.html
Selectively Enabling Network Jacks
Filtering by MAC Address
Another method would be to upgrade to a 2.4 kernel which supports filtering by
MAC address (lotsa luck on that one).
> Thanks,
> Tiago Nogueira
Kurt Seifried - seifried@securityportal.com
SecurityPortal, your focal point for security on the net
http://www.securityportal.com/