My Linux server is using Shorewall 3.0.x. Can I blacklist a host by its MAC address?

Adrian Mak wrote:
> My Linux server is using Shorewall 3.0.x. Can I blacklist a host by
> its MAC address?

Am I right in saying Shorewall only deals with layers higher than the layer (can't remember the number) that handles MAC addresses so Shorewall won't even see them?

--
Ray Booysen
rj_booysen@rjb.za.net

Adrian Mak wrote:
> My Linux server is using Shorewall 3.0.x. Can I blacklist a host by
> its MAC address?

Yes, but why? MAC addresses are only used within an Ethernet LAN so you would be blacklisting hosts on your own network.

-Tom
--
Tom Eastep        \ Nothing is foolproof to a sufficiently talented fool
Shoreline,        \ http://shorewall.net
Washington USA    \ teastep@shorewall.net
PGP Public Key    \ https://lists.shorewall.net/teastep.pgp.key

Ray Booysen wrote:
> Adrian Mak wrote:
>
>> My Linux server is using Shorewall 3.0.x. Can I blacklist a host by
>> its MAC address?
>
> Am I right in saying Shorewall only deals with layers higher than the
> layer (can't remember the number) that handles MAC addresses so
> Shorewall won't even see them?

No. That is incorrect. Shorewall can operate on MAC addresses. Just look at the format of the rules file.

-Roberto
--
Roberto C. Sanchez
http://familiasanchez.net/~roberto

--- Tom Eastep <teastep@shorewall.net> wrote:
> Adrian Mak wrote:
> > My Linux server is using Shorewall 3.0.x. Can I blacklist a host by
> > its MAC address?
>
> Yes, but why? MAC addresses are only used within an
> Ethernet LAN so you
> would be blacklisting hosts on your own network.

In an educational environment, where bandwidth is always at a premium, it would be nice to be able to turn off someone's NIC (or at least put it in shackles) if it was generating bad traffic.

Lee

Lee Zelyck wrote:
> --- Tom Eastep <teastep@shorewall.net> wrote:
>
>> Adrian Mak wrote:
>>
>>> My Linux server is using Shorewall 3.0.x. Can I blacklist a host by
>>> its MAC address?
>>
>> Yes, but why? MAC addresses are only used within an
>> Ethernet LAN so you
>> would be blacklisting hosts on your own network.
>
> In an educational environment, where bandwidth is
> always at a premium, it would be nice to be able to
> turn off someone's NIC (or at least put it in shackles)
> if it was generating bad traffic.

At any rate, I believe that the instructional comments at the top of /etc/shorewall/blacklist are clear enough that the OP can see how to do it.

-Tom

2006/5/17, Tom Eastep <teastep@shorewall.net>:
> Lee Zelyck wrote:
> >
> > --- Tom Eastep <teastep@shorewall.net> wrote:
> >
> >> Adrian Mak wrote:
> >>
> >>> My Linux server is using Shorewall 3.0.x. Can I blacklist a host by
> >>> its MAC address?
> >>
> >> Yes, but why? MAC addresses are only used within an
> >> Ethernet LAN so you
> >> would be blacklisting hosts on your own network.
> >
> > In an educational environment, where bandwidth is
> > always at a premium, it would be nice to be able to
> > turn off someone's NIC (or at least put it in shackles)
> > if it was generating bad traffic.
>
> At any rate, I believe that the instructional comments at the top of
> /etc/shorewall/blacklist are clear enough that the OP can see how to do
> it.
>
> -Tom

I knew that a MAC address can be added to /etc/shorewall/blacklist, but currently I use dynamic blocking to block a host, i.e. /sbin/shorewall drop 192.168.103.1033724. Do I use a MAC address here?

Adrian Mak wrote:
>
> I knew that a MAC address can be added to /etc/shorewall/blacklist, but
> currently I use dynamic blocking to block a host, i.e. /sbin/shorewall drop
> 192.168.103.1033724. Do I use a MAC address here?
>

No.

-Tom
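
The static MAC blacklisting that Tom points to in /etc/shorewall/blacklist, as an added example that is not part of the original thread or of Shorewall itself: a POSIX shell helper that converts a MAC address to the `~XX-XX-XX-XX-XX-XX` form Shorewall uses for MAC addresses in its configuration files and appends it to a blacklist file only once. The function names, the temporary file and the sample MAC are constructed for illustration; on a real system the target would be /etc/shorewall/blacklist, which is consulted only for interfaces that carry the `blacklist` option in /etc/shorewall/interfaces.

```shell
#!/bin/sh
# Added example (not from the thread): helper names and sample data are hypothetical.

# to_shorewall_mac MAC -> prints ~XX-XX-XX-XX-XX-XX; exit status 1 on invalid input
to_shorewall_mac() (
    # Drop the separators used by ip/arp (":"), Windows ("-") and Cisco ("."),
    # plus a leading "~", then uppercase the hex digits.
    hex=$(printf '%s' "$1" | tr -d ':.~-' | tr 'a-f' 'A-F')
    case "$hex" in
        *[!0-9A-F]*) exit 1 ;;      # non-hex character
        ????????????) ;;            # exactly 12 hex digits
        *) exit 1 ;;                # wrong length
    esac
    # A group (multicast/broadcast) address has the low bit of the first octet
    # set and never appears as a source MAC, so such an entry would match nothing.
    case "$hex" in
        ?[13579BDF]*) exit 1 ;;
    esac
    printf '%s\n' "$hex" |
        sed 's/\(..\)\(..\)\(..\)\(..\)\(..\)\(..\)/~\1-\2-\3-\4-\5-\6/'
)

# add_blacklist_mac FILE MAC -> appends the entry unless it is already listed
add_blacklist_mac() (
    entry=$(to_shorewall_mac "$2") || exit 1
    # Whole-line, fixed-string, case-insensitive match keeps the append idempotent.
    # Entries that also carry PROTOCOL/PORT columns are not detected here.
    grep -qixF -e "$entry" "$1" 2>/dev/null || printf '%s\n' "$entry" >> "$1"
)

# demo: runs against a temporary file, never against the live configuration
demo() (
    f=$(mktemp) || exit 1
    add_blacklist_mac "$f" 02:00:5e:10:00:01    # constructed sample MAC
    add_blacklist_mac "$f" 0200.5e10.0001       # same host, dotted notation
    add_blacklist_mac "$f" ff:ff:ff:ff:ff:ff || echo "rejected: group address" >&2
    cat "$f"
    rm -f "$f"
)

demo
```

A MAC entry only matches traffic from hosts on a directly attached LAN segment, and a host can change its MAC address, so this suits containing a misbehaving local machine rather than acting as an identity control.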