1SHOREWALL-MACLIST(5)            [FIXME: manual]           SHOREWALL-MACLIST(5)
2
3
4

NAME

6       maclist - Shorewall MAC Verification file
7

SYNOPSIS

9       /etc/shorewall/maclist
10

DESCRIPTION

12       This file is used to define the MAC addresses and optionally their
13       associated IP addresses to be allowed to use the specified interface.
14       The feature is enabled by using the maclist option in the
15       shorewall-interfaces[1](5) or shorewall-hosts[2](5) configuration file.
16
17       The columns in the file are as follows.
18
19       DISPOSITION - {ACCEPT|DROP|REJECT}[:log-level]
20           ACCEPT or DROP (if MACLIST_TABLE=filter in shorewall.conf[3](5),
21           then REJECT is also allowed). If specified, the log-level causes
22           packets matching the rule to be logged at that level.
23
24       INTERFACE - interface
25           Network interface to a host.
26
27       MAC - address
28           MAC address of the host -- you do not need to use the Shorewall
29           format for MAC addresses here. If IP ADDRESSESES is supplied then
30           MAC can be supplied as a dash (-)
31
32       IP ADDRESSES (Optional) - [address[,address]...]
33           If specified, both the MAC and IP address must match. This column
34           can contain a comma-separated list of host and/or subnet addresses.
35           If your kernel and iptables have iprange match support then IP
36           address ranges are also allowed. Similarly, if your kernel and
37           iptables include ipset support than set names (prefixed by "+") are
38           also allowed.
39

FILES

41       /etc/shorewall/maclist
42

SEE ALSO

44       http://shorewall.net/MAC_Validation.html
45
46       shorewall(8), shorewall-accounting(5), shorewall-actions(5),
47       shorewall-blacklist(5), shorewall-hosts(5), shorewall_interfaces(5),
48       shorewall-ipsets(5), shorewall-masq(5), shorewall-nat(5),
49       shorewall-netmap(5), shorewall-params(5), shorewall-policy(5),
50       shorewall-providers(5), shorewall-proxyarp(5),
51       shorewall-route_rules(5), shorewall-routestopped(5),
52       shorewall-rules(5), shorewall.conf(5), shorewall-secmarks(5),
53       shorewall-tcclasses(5), shorewall-tcdevices(5), shorewall-tcrules(5),
54       shorewall-tos(5), shorewall-tunnels(5), shorewall-zones(5)
55

NOTES

57        1. shorewall-interfaces
58           http://www.shorewall.net/manpages/shorewall-interfaces.html
59
60        2. shorewall-hosts
61           http://www.shorewall.net/manpages/shorewall-hosts.html
62
63        3. shorewall.conf
64           http://www.shorewall.net/manpages/shorewall.conf.html
65
66
67
68[FIXME: source]                   09/16/2011              SHOREWALL-MACLIST(5)
Impressum