From: Diamond K. <mer...@ya...> - 2004-07-27 09:02:25
Dear Sir,

First of all, sorry for those previous emails. I was confused about how blacklist and maclist work. I thought that if we put all those MAC addresses into maclist, they would be blocked just like the way blacklist works.

I apologize for any inconvenience caused. Thanks a lot for your time.

Bye!!
Brian

--- Tom Eastep <te...@sh...> wrote:

> Tom Eastep wrote:
> > Tom Eastep wrote:
> >
> >> Diamond King wrote:
> >>
> >>> Hello there again. Sorry for the question. I did not
> >>> provide clear information. Anyway, I'll try to explain it
> >>> in a much clearer form this time.
> >>>
> >>>> And that MAC address belongs to some host on the
> >>>> physical network connected to eth1, correct?
> >>>
> >>> Yes, and the MAC address IP is 192.168.11.251
> >>
> >> Please forward the output of "shorewall show eth1_mac" as an
> >> attachment. Thanks,
> >>
> >
> > Maybe we can solve this another way -- your initial post said that you
> > put this entry in /etc/shorewall/maclist:
> >
> >     eth1    00:0C:76:94:7B:E6
> >
> > You do realize that this means that you want to *ACCEPT* traffic from
> > that MAC through eth1, right?
> >
> > The setting of MACLIST_DISPOSITION in /etc/shorewall/shorewall.conf
> > determines what happens to traffic that is *not* from the addresses
> > listed in /etc/shorewall/maclist -- from the log messages you forwarded,
> > it looks like MACLIST_DISPOSITION=DROP
> >
> > Possibly, what you really want is a DROP rule in /etc/shorewall/rules
> > that drops (and possibly logs) traffic from that host:
> >
> >     DROP:info    z:~00-0C-76-94-7B-E6    all
> >
> > where 'z' is the zone corresponding to eth1.
> >
>
> And note that you can also blacklist by MAC address:
>
> /etc/shorewall/blacklist:
>
>     ~00-0C-76-94-7B-E6
>
> And set the 'blacklist' option on eth1 in /etc/shorewall/interfaces.
>
> -Tom
> --
> Tom Eastep    \ Nothing is foolproof to a sufficiently talented fool
> Shoreline,     \ http://shorewall.net
> Washington USA  \ te...@sh...
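
Added example (not part of the original thread and not Shorewall's own code): a small Python model of the distinction discussed above, where maclist is an allow list and blacklist is the deny list. It assumes MAC verification is active on the interface and MACLIST_DISPOSITION=DROP as in the thread; all function names are illustrative.

```python
import re

MAC_RE = re.compile(r"^~?[0-9A-Fa-f]{2}([:-][0-9A-Fa-f]{2}){5}$")

def normalize(mac):
    """Return a MAC as 12 uppercase hex digits; accepts 00:0C:.. and ~00-0C-.. forms."""
    if not MAC_RE.match(mac):
        raise ValueError(f"not a MAC address: {mac!r}")
    return re.sub(r"[~:-]", "", mac).upper()

def shorewall_mac(mac):
    """Format a MAC the way the blacklist and rules entries in the thread write it."""
    h = normalize(mac)
    return "~" + "-".join(h[i:i + 2] for i in range(0, 12, 2))

def parse_maclist(text):
    """Parse 'INTERFACE MAC' lines into {interface: {normalized MAC, ...}}."""
    allowed = {}
    for line in text.splitlines():
        fields = line.split("#", 1)[0].split()  # drop comments, split columns
        if len(fields) >= 2:
            allowed.setdefault(fields[0], set()).add(normalize(fields[1]))
    return allowed

def maclist_verdict(iface, src_mac, allowed, disposition="DROP"):
    """Listed MACs pass verification; every other MAC gets MACLIST_DISPOSITION."""
    if normalize(src_mac) in allowed.get(iface, set()):
        return "ACCEPT"
    return disposition

def audit(maclist_text, iface, unwanted):
    """For MACs the admin wants blocked, return (MACs that maclist lets through,
    blacklist entries that would express the intended block)."""
    allowed = parse_maclist(maclist_text)
    let_through = [m for m in unwanted
                   if maclist_verdict(iface, m, allowed) == "ACCEPT"]
    return let_through, [shorewall_mac(m) for m in unwanted]

# Constructed sample: the maclist entry quoted in the thread.
MACLIST = "#INTERFACE  MAC\neth1  00:0C:76:94:7B:E6\n"

if __name__ == "__main__":
    let_through, entries = audit(MACLIST, "eth1", ["00:0C:76:94:7B:E6"])
    print("listed in maclist (so accepted, not blocked):", let_through)
    print("entries for /etc/shorewall/blacklist:", entries)
    # Any MAC not in maclist (constructed here) gets the disposition instead.
    print(maclist_verdict("eth1", "02:00:00:00:00:01", parse_maclist(MACLIST)))
```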