Mailinglist Archive: opensuse-security (228 mails)

< Previous Next >
Allow MAC addresses through SuSEfirewall2
  • From: "Tom Knight" <thomas.knight@xxxxxxxxxx>
  • Date: Fri, 4 Mar 2005 16:23:56 -0000
  • Message-id: <ICELJOHAGNAFJPFMMBKOKEOKDGAA.thomas.knight@xxxxxxxxxx>
Hi everyone!

Using SuSE Linux Enterprise Server 8, SuSEfirewall2

A user is requesting that a number of developers have access to my server,
but the IP addresses are variable across a large subnet, so allowing access
to MAC address has been suggested.

I want this not to interfere with the existing rules in the
/etc/sysconfig/SuSEfirewall file, and I want a number of MAC addresses
allowed in.

I'm guessing I need to add something like:
iptables -A INPUT -m mac --mac-source 12:23:34:45:56 -m tcp --dport
[port] -j ACCEPT
for each MAC address.

Questions:
1. Is my guess at an iptables line anywhere near useful?
2. Is there anything I have to check in my kernel config? I stay with the
default kernel.
3. How/where should I make this ionformation available to SuSEfirewall2?
4. Hang on - given they're on a different subnet, will this work anyway?

Many thanks,

Tom.

--
Tom Knight
System Administration Officer
Arts & Humanities Data Service
Web: http://www.ahds.ac.uk
Email: tom.knight@xxxxxxxxxx


< Previous Next >
Follow Ups