SSH

Taking care of your Linux box.

SSH

Postby venky145 » Tue Nov 18, 2008 9:48 pm

hi

I want allow SSH for a particular MAC address only.

how to do this in iptables
venky145
Havaldaar
 
Posts: 118
Joined: Thu Jan 13, 2005 2:35 pm
WLM: ranga72
Yahoo Messenger: venky145
Location: qatar

Postby lambda » Tue Nov 18, 2008 10:45 pm

i think this will work, but i can't test it right now:

Code: Select all

ptables -A INPUT -m mac --mac-source 00:aa:22:33:44:ff -m tcp -p tcp --dport 22 -j ACCEPT
iptables -A INPUT -m tcp -p tcp --dport 22 -j DROP
Watch out for the Manners Taliban!
Isn't it amazing how so many people can type "linuxpakistan.net" into their browsers but not "google.com"?
lambda
Major General
 
Posts: 3452
Joined: Tue May 27, 2003 7:04 pm
Website: http://www.hungry.com/~fn/
Location: Lahore

Re:

Postby LinuxFreaK » Wed Nov 19, 2008 9:29 am

Dear lambda,
Salam,

lambda wrote:i think this will work, but i can't test it right now:

Code: Select all

ptables -A INPUT -m mac --mac-source 00:aa:22:33:44:ff -m tcp -p tcp --dport 22 -j ACCEPT
iptables -A INPUT -m tcp -p tcp --dport 22 -j DROP


This will work.

Best Regards.
Farrukh Ahmed
LinuxFreaK
Site Admin
 
Posts: 5132
Joined: Fri May 02, 2003 10:24 am
ICQ: 82075802
Website: http://www.linuxpakistan.net/wiki/index.php?pagename=LinuxFreak
WLM: f4fahmed@hotmail.com
Yahoo Messenger: f4fahmed@yahoo.com
AOL: linuxpakistan@aol.com
Location: Karachi

Postby x2oxen » Thu Nov 20, 2008 2:05 am

This will work but only in case of layer 2 network if any of layer 3 device came into play you won't be able to login even from that allowed mac address.
Muhammad Usman
+92-321-6640501
Chemonics International
http://usmanpk.com
x2oxen
Major General
 
Posts: 1114
Joined: Wed Aug 22, 2007 3:17 pm
Website: http://usmanpk.com
WLM: x2oxen@hotmail.com
Yahoo Messenger: x2oxen
Location: Faisalabad


Return to “%s” Administration

Who is online

Users browsing this forum: No registered users and 1 guest

cron