LISTSERV - SCIENTIFIC-LINUX-USERS Archives

SCIENTIFIC-LINUX-USERS Archives

March 2018

SCIENTIFIC-LINUX-USERS@LISTSERV.FNAL.GOV

	LISTSERV Archives
	SCIENTIFIC-LINUX-USERS Home
	SCIENTIFIC-LINUX-USERS March 2018

	Log In
	Register

	Subscribe or Unsubscribe

	Search Archives

Options:	Use Monospaced Font Show Text Part by Default Show All Mail Headers
Message:	[<< First] [< Prev] [Next >] [Last >>]
Topic:	[<< First] [< Prev] [Next >] [Last >>]
Author:	[<< First] [< Prev] [Next >] [Last >>]

Subject:	iptables mac filtering: iptables fails to start after trying to use "mac" iptables module
From:	Karel Lang AFD <[log in to unmask]>
Reply To:	Karel Lang AFD <[log in to unmask]>
Date:	Fri, 2 Mar 2018 12:04:39 +0100
Content-Type:	text/plain
Parts/Attachments:	text/plain (49 lines)

Hello guys,

stumbled on weird thing today - wanted to setup some iptables rules 
based on 'mac address' and iptables failed to start.

cat /etc/redhat-release
Scientific Linux release 7.4 (Nitrogen)

iptables --version
iptables v1.4.21

yum list all | grep iptables
iptables.x86_64                         1.4.21-18.2.el7_4 
@sl-fastbugs
iptables-services.x86_64                1.4.21-18.2.el7_4 
@sl-fastbugs
iptables-utils.x86_64                   1.4.21-18.2.el7_4 
@sl-fastbugs


what happens:
after adding simple rule to '/etc/sysconfig/iptables':
*filter
-A INPUT -m mac --mac-source 52-54-00-6f-04-51 -j ACCEPT


it refuses to start after 'systemctl restart iptables' and the 
'journalctl -xe' says:

Error occurred at line: XX and thats' it



If i add the same simple rule to the SL 6.9 iptables rules, it works 
without problem..

Anyone stumled upon this, only thing i can think of is, that it is not 
compiled in standard kernel ..

Thanks for any input - i tried to lookup things at search engines, but 
so far no light ..ehh.


-- 
*Karel Lang*
*Unix/Linux Administration*
[log in to unmask] | +420 731 13 40 40
AUFEER DESIGN, s.r.o. | www.aufeerdesign.cz

ATOM RSS1 RSS2

LISTSERV.FNAL.GOV