I need to block any incoming connection from a MAC address different from a specific one (which is static and well known).

This MAC address should generate only non-IP connections: this is the reason why I don't know if ARPtables could be the best solution.

Any suggestions?

  • You'll have to provide more information on the network setup, the current system's network configuration (interfaces...), the network protocols involved and the reason (rather than only the method) for having to block. Is this ARP (because arptables blocks only ARP, but you write non-IP which is not specific enough)? Without this additional information an answer might miss important points. Commented Sep 21, 2020 at 11:10
  • I think this question is asked here: serverfault.com/questions/519480/… Commented Sep 21, 2020 at 11:28
  • Is this NCP, i.e. NetWare? Or the transport protocol in OSI? If it isn't ARP, SNA? Commented Sep 21, 2020 at 11:43
  • I have an ETH interface with a static MAC address: this interface is used only for AVB, hence no ARP and IP. This interface is directly connected to another ETH interface with a well-known static MAC address. My primary goal is to block any connection from a different MAC address and connections with an EtherType in the Ethernet frame different from the AVB one. Commented Sep 22, 2020 at 5:21
  • I didn't know about AVB... reading the description of it: big hops and complexity to make 802.3 do what TokenBus did early on... but market forces and competition... Commented Sep 22, 2020 at 9:44

1 Answer

You can do it with this command:

 iptables -A INPUT -m mac --mac-source 12:34:56:78:9A:BC -j DROP

Just replace 12:34:56:78:9A:BC with the MAC address that you want to block.

  • I'm not so sure: I think the eth packet is processed by iptables only if EtherType in Ethernet Frame is IPv4 or IPv6. Do you think the packet is always processed by iptables even if it is not a standard IP packet? Commented Sep 22, 2020 at 5:25
  • Similar answer on AskUbuntu Commented Jul 10, 2024 at 21:40
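
For the setup described in the question and comments (a dedicated interface that should accept frames only from one peer MAC and only with the AVB EtherType), one option is the nftables netdev ingress hook, which sees every Ethernet frame before the IP stack does. The script below is an added example, not part of the original thread; the table name `avb_guard`, the interface `eth1` and the default EtherType 0x22f0 (IEEE 1722 AVTP) are assumptions.

```shell
#!/bin/sh
# Added example: print an nftables "netdev" ruleset that accepts only frames
# from one peer MAC carrying allowed EtherTypes and drops everything else.
# The ingress hook sees every Ethernet frame, including non-IP ones.

# Assumption: 0x22f0 (IEEE 1722 AVTP) is the EtherType in use; the thread does
# not name it. Pass a list such as 0x22f0,0x88f7 if gPTP is on the link too.
DEFAULT_ETHERTYPES="0x22f0"

# matches VALUE ERE -> 0 only if VALUE is a single line fully matching ERE
matches() {
    case $1 in *"
"*) return 1 ;; esac
    printf '%s\n' "$1" | grep -Eq "^($2)\$"
}

# avb_ruleset IFACE PEER_MAC [ETHERTYPES] -> ruleset on stdout, 1 on bad input
avb_ruleset() {
    iface=$1; mac=$2; types=${3:-$DEFAULT_ETHERTYPES}
    matches "$iface" '[A-Za-z0-9_.-]{1,15}' ||
        { echo "bad interface name: $iface" >&2; return 1; }
    matches "$mac" '([0-9A-Fa-f]{2}:){5}[0-9A-Fa-f]{2}' ||
        { echo "bad MAC address: $mac" >&2; return 1; }
    matches "$types" '0x[0-9A-Fa-f]{4}(,0x[0-9A-Fa-f]{4})*' ||
        { echo "bad EtherType list: $types" >&2; return 1; }
    mac=$(printf '%s' "$mac" | tr 'A-F' 'a-f')
    cat <<EOF
# add + delete makes reloading idempotent (no duplicated rules)
add table netdev avb_guard
delete table netdev avb_guard
table netdev avb_guard {
    chain ingress {
        type filter hook ingress device "$iface" priority 0; policy drop;
        ether saddr != $mac counter drop
        ether type { $types } counter accept
    }
}
EOF
}

# Check the syntax first, then load (root required):
#   avb_ruleset eth1 12:34:56:78:9A:BC | nft -c -f -
#   avb_ruleset eth1 12:34:56:78:9A:BC | nft -f -
```

`nft list table netdev avb_guard` shows the per-rule counters once the table is loaded. A source MAC is chosen by the sender, so this narrows what the interface accepts rather than authenticating the peer.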
