| Source MAC |
| Prev | Filtering and Manipulation of Packets | Next |
iptables -A INPUT --match mac --mac-source 12:E4:86:FA:5C:54 -j ACCEPT
Match source MAC address. It must be of the form XX:XX:XX:XX:XX:XX. Note that this only makes sense for packets coming from an Ethernet device and entering the PREROUTING, FORWARD or INPUT chains.
This options is very useful for protection against man-in-the-middle attacks, because it is possible to combine it with the --source option and so protection against arp-spoofing may be provided.
| Prev | Home | Next |
| Incoming and Outgoing Interface | Up | Limit matches |