SHOREWALL6-MACLIST(5) | [FIXME: manual] | SHOREWALL6-MACLIST(5) |
NAME¶
maclist - shorewall6 MAC Verification fileSYNOPSIS¶
/etc/shorewall6/maclist
DESCRIPTION¶
This file is used to define the MAC addresses and optionally their associated IPv6 addresses to be allowed to use the specified interface. The feature is enabled by using the maclist option in the shorewall6-interfaces[1](5) or shorewall6-hosts[2](5) configuration file. The columns in the file are as follows. DISPOSITION - {ACCEPT|DROP|REJECT}[:log-level]ACCEPT or DROP (if
MACLIST_TABLE=filter in shorewall6.conf[3](5), then REJECT is also
allowed). If specified, the log-level causes packets matching the rule
to be logged at that level.
INTERFACE - interface
Network interface to a host.
MAC - address
MAC address of the host -- you do not
need to use the shorewall6 format for MAC addresses here. If IP
ADDRESSESES is supplied then MAC can be supplied as a dash (
-)
IP ADDRESSES (Optional) - [address[,address]...]
If specified, both the MAC and IP address must
match. This column can contain a comma-separated list of host and/or subnet
addresses. If your kernel and ip6tables have iprange match support then IP
address ranges are also allowed. Similarly, if your kernel and ip6tables
include ipset support than set names (prefixed by "+") are also
allowed.
FILES¶
/etc/shorewall6/maclistSEE ALSO¶
http://shorewall.net/MAC_Validation.html http://shorewall.net/configuration_file_basics.htm#Pairs shorewall6(8), shorewall6-accounting(5), shorewall6-actions(5), shorewall6-blacklist(5), shorewall6-hosts(5), shorewall6-interfaces(5), shoewall6-netmap(5),shorewall6-params(5), shorewall6-policy(5), shorewall6-providers(5), shorewall6-rtrules(5), shorewall6-routestopped(5), shorewall6-rules(5), shorewall6.conf(5), shorewall6-secmarks(5), shorewall6-tcclasses(5), shorewall6-tcdevices(5), shorewall6-tcrules(5), shorewall6-tos(5), shorewall6-tunnels(5), shorewall6-zones(5)NOTES¶
- 1.
- shorewall6-interfaces
- 2.
- shorewall6-hosts
- 3.
- shorewall6.conf
06/28/2012 | [FIXME: source] |