On Mon, 2003-07-28 at 12:40, Hein Bauer wrote: > Dear List, > I just dnatted my ssh port of Bering 1.0 to a sshd-server inside my > localnet. Works fine :-). But I am concerned about security.... I would > like to restrict ssh-logins from a list of MAC-Addresses. > I had a look into /etc/shorewall/rules and tried net:~00-00-00-00-00-00 > (<-- somethin� like that ;-)) > Shorewall ouputs this: > "no chain/target/match for that name" > and .. exits..
Your kernel must have MAC address match support in order for this to work; don't know if Jacques includes that or not. > > Hm. I cannot use a IP-Adress for restriction, because it changes. The > ssh "client" got a dynamic IP..., so I would like to use MAC-Addresses. > Unless the client is on the same network as you are, MAC matching won't work. -Tom -- Tom Eastep \ Shorewall - iptables made easy Shoreline, \ http://shorewall.net Washington USA \ [EMAIL PROTECTED] ------------------------------------------------------- This SF.Net email sponsored by: Free pre-built ASP.NET sites including Data Reports, E-commerce, Portals, and Forums are available now. Download today and enter to win an XBOX or Visual Studio .NET. http://aspnet.click-url.com/go/psa00100003ave/direct;at.aspnet_072303_01/01 ------------------------------------------------------------------------ leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
