> On 2. Mar 2018, at 12:04, Karel Lang AFD <l...@afd.cz> wrote:
>
> Hello guys,
>
> stumbled on weird thing today - wanted to setup some iptables rules based on
> 'mac address' and iptables failed to start.
>
> cat /etc/redhat-release
> Scientific Linux release 7.4 (Nitrogen)
>
> iptables --version
> iptables v1.4.21
>
> yum list all | grep iptables
> iptables.x86_64 1.4.21-18.2.el7_4 @sl-fastbugs
> iptables-services.x86_64 1.4.21-18.2.el7_4 @sl-fastbugs
> iptables-utils.x86_64 1.4.21-18.2.el7_4 @sl-fastbugs
>
>
> what happens:
> after adding simple rule to '/etc/sysconfig/iptables':
> *filter
> -A INPUT -m mac --mac-source 52-54-00-6f-04-51 -j ACCEPT
>
>
> it refuses to start after 'systemctl restart iptables' and the 'journalctl
> -xe' says:
>
> Error occurred at line: XX and that's it
>
>
>
> If i add the same simple rule to the SL 6.9 iptables rules, it works without
> problem..
>
> Anyone stumbled upon this, only thing i can think of is, that it is not
> compiled in standard kernel ..

It is.

> Thanks for any input - i tried to lookup things at search engines, but so far
> no light ..ehh.

Try reading the manual page ;-)

"Match source MAC address. It must be of the form XX:XX:XX:XX:XX:XX"
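
An added example, not part of the thread and not shipped with iptables: a shell check that scans a rules file for `--mac-source` values that are not in the XX:XX:XX:XX:XX:XX form the manual page requires, and reports the line number the service error leaves out. The function name `lint_mac_rules` is hypothetical, and the sample rules are constructed from the rule quoted in the post.

```shell
#!/bin/bash
# lint_mac_rules FILE
# Prints one line per malformed --mac-source value in an iptables rules file.
# Returns 0 when every value is XX:XX:XX:XX:XX:XX, 1 otherwise.
lint_mac_rules() {
    awk '
    BEGIN {
        h = "[0-9A-Fa-f][0-9A-Fa-f]"                     # one hex octet
        good = "^" h ":" h ":" h ":" h ":" h ":" h "$"   # form the man page requires
        dash = "^" h "-" h "-" h "-" h "-" h "-" h "$"   # dash form used in the post
    }
    /^[ \t]*#/ { next }                                  # skip comment lines
    {
        for (i = 1; i <= NF; i++) {
            if ($i != "--mac-source") continue
            v = $(i + 1)                                 # empty if the value is missing
            if (v ~ good) continue
            bad = 1
            if (v ~ dash) {
                fix = v
                gsub(/-/, ":", fix)                      # suggest the colon form
                printf "line %d: --mac-source %s (use %s)\n", NR, v, fix
            } else {
                printf "line %d: --mac-source %s (not XX:XX:XX:XX:XX:XX)\n", NR, v
            }
        }
    }
    END { exit (bad ? 1 : 0) }
    ' "$1"
}

# Constructed sample: the rule from the post next to its colon-separated form.
sample=$(mktemp)
cat > "$sample" <<'EOF'
*filter
-A INPUT -m mac --mac-source 52-54-00-6f-04-51 -j ACCEPT
-A INPUT -m mac --mac-source 52:54:00:6f:04:51 -j ACCEPT
COMMIT
EOF
lint_mac_rules "$sample" || echo "fix the lines above before restarting iptables"
rm -f "$sample"
```

For syntax errors beyond the MAC format, `iptables-restore --test < /etc/sysconfig/iptables` parses the file without committing it, so it can be run before `systemctl restart iptables`.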