Article delegate-en/5103 of [1-5169] on the server localhost:119
  upper oldest olders older1 this newer1 newers latest
search
[Top/Up] [oldest] - [Older+chunk] - [Newer+chunk] - [newest + Check]
[Reference:<_A5100@delegate-en.ML_>]
Newsgroups: mail-lists.delegate-en

[DeleGate-En] Re: MAC Address Filtering
13 Aug 2014 15:54:56 GMT feedback@delegate.org (Yutaka Sato)
The DeleGate Project


Hi,

In message <CAFPeNiq+-+vjm5XRa94Dk527oBiU=kgRdTmmau86WsQ+HnkVHg@mail.gmail.com> on 08/11/14(15:20:15)
you Greg Deward <p5qjqbdyi-c4ifwxmdy25r.ml@ml.delegate.org> wrote:
 |We need to drop or allow packets based on several rules INCLUDING the
 |client MAC address.  Is this possible?  Specifically, we require any
 |combination of the following:
 |
 |- Client MAC Address (specific or wildcard)
 |- Client IP Address (specific or wildcard)
 |- Destination IP Address (specific or wildcard)
 |- Requested Port (specific or wildcard)
 |- Action (drop or allow)

The generic access control parameter of DeleGate is "PERMIT".
<URL:http://www.delegate.org/delegate/Manual.shtml?PERMIT>
The syntax is as follows:

  PERMIT=protocolList:destinationHostList:sourceHostList

This specifies permits only clients listed in sourceHostList
access to servers listed in destinationHostList using
protocols listed in protocolList.
Each list is comma separated host-names or IP-addresses
possibly in wild-card or IP address with network mask, and
optionally with port number.
Another generic parameter for reject list is "REJECT".

  REJECT=protocolList:destinationHostList:sourceHostList

There are a set of parameters applied before PERMIT and REJECT.

  REMITTABLE ... list of protocols to server to be allowed
  REACHABLE ... list of destination servers to be allowd
  RELIABLE ... list of source clients to be allowed

The above parameters do not support MAC-address, and need
restarting DeleGate after you changed them.

The only parameter that supports MAC-address based filtering
for clients and needless of restarting is "SCREEN".
<URL:http://www.delegate.org/delegate/Manual.shtml?SCREEN>
It is likely that this parameter is not so generally used
by users.

 |Thank you, in advance, for your assistance.
 |
 |- G. Deward

Cheers from Japan,
Yutaka
--
  9 9   Yutaka Sato { Do the more with the less -- B. Fuller }
 ( ~ )  National Institute of Advanced Industrial Science and Technology
_<   >_ 1-1-4 Umezono, Tsukuba, Ibaraki, 305-8568 Japan

  admin search upper oldest olders older1 this newer1 newers latest
[Top/Up] [oldest] - [Older+chunk] - [Newer+chunk] - [newest + Check]
@_@V