(edited by napierzaza 2007-09-24 22:38:37)

Topic: Blocking a certain IP Address/MAC address

I've been trying to use /etc/firewall.user to block a port range for someone on my network, but it does not appear to be working.


I've tried each rule below with no results*

Note: I have the MAC address package installed, and when the commands are run there are no errors. I tried the first group, then the second, then the third. Does anyone know which would be most effective? I only really want to block all ports above 1000 from connecting to the IP/MAC (the last one should totally block it).

* No results means that there are still connections by the IP in /proc/net/ip_conntrack

iptables -A forwarding_wan -p tcp -m mac --mac-source 00:1b:00:00:00:00 --dport 1000: -j DROP
iptables -A forwarding_wan -p tcp --dport 1000: -d 192.168.1.215 -j DROP

iptables -A forwarding_wan -p tcp -m mac --mac-source 00:1b:00:00:00:00 --sport 1000: -j DROP
iptables -A forwarding_wan -p tcp --sport 1000: -d 192.168.1.215 -j DROP

iptables -A forwarding_wan -p tcp -m mac --mac-source 00:1b:00:00:00:00 -j DROP
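A complete, self-contained script in the style of /etc/firewall.user that blocks one host in both directions, added here as an example; it is not part of the original post and not OpenWrt's own firewall script. It reuses the MAC 00:1b:00:00:00:00 and the IP 192.168.1.215 from the post as placeholder values, and it inserts into the kernel's FORWARD chain rather than forwarding_wan: which packets a firewall-script chain such as forwarding_wan sees depends on how the script hooks it up (such chains are commonly fed only from the WAN interface, and a packet arriving from the WAN never carries a LAN host's source MAC), whereas FORWARD is traversed by every routed packet. Using `-I` rather than `-A` is also an assumption: it puts the DROP rules ahead of whatever ACCEPT rules the script already has (typically one for ESTABLISHED/RELATED), so connections that are already open are cut as well.

```shell
#!/bin/sh
# Added example (not from the original post or the OpenWrt firewall script):
# block one LAN host, identified by MAC and IP, from using TCP ports 1000
# and above through the router.  The MAC, the IP, the FORWARD chain and the
# use of -I are assumptions.
#
# Usage:   sh block_host.sh 00:1b:00:00:00:00 192.168.1.215 [from_port]
# Dry run: IPT=echo sh block_host.sh 00:1b:00:00:00:00 192.168.1.215

IPT="${IPT:-iptables}"   # set IPT=echo to print the rules instead of loading them

# Print the iptables arguments (one rule per line) for one host.
# Both directions are needed: "-m mac --mac-source" only matches frames the
# host itself sent, so the return direction is matched by destination IP.
block_host_rules() {
    mac="$1"
    ip="$2"
    from_port="${3:-1000}"
    # outbound, matched by source MAC: host -> any TCP port >= from_port
    printf '%s\n' "-I FORWARD -p tcp -m mac --mac-source $mac --dport ${from_port}: -j DROP"
    # outbound, matched by source IP (still works if the MAC match module is missing)
    printf '%s\n' "-I FORWARD -p tcp -s $ip --dport ${from_port}: -j DROP"
    # return/inbound: anything reaching the host from a TCP port >= from_port
    printf '%s\n' "-I FORWARD -p tcp -d $ip --sport ${from_port}: -j DROP"
}

# Load the rules through $IPT; each rule line is word-split on purpose.
apply_rules() {
    block_host_rules "$@" | while IFS= read -r rule; do
        # shellcheck disable=SC2086
        $IPT $rule || exit 1
    done
}

# Only act when called with arguments, so the file can also be sourced.
if [ "$#" -ge 2 ]; then
    apply_rules "$@"
fi
```

To check that the rules are actually being hit, run `iptables -L FORWARD -v -n` and watch the packet counters on the three new DROP entries while the host tries to connect. Note that entries already present in /proc/net/ip_conntrack are not removed when a DROP rule is added; once their packets are being dropped they simply stop being refreshed and disappear when they time out, so the conntrack table is a lagging indicator of whether the block works.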