This shows you the differences between two versions of the page.
Both sides previous revisionPrevious revisionNext revision | Previous revisionNext revisionBoth sides next revision | ||
device_filtering [2023/05/24 21:15] – [Block devices via script/scheduler] hogwild | device_filtering [2023/05/24 21:22] – [ebtables (routed environment)] hogwild | ||
---|---|---|---|
Line 11: | Line 11: | ||
- | ===== ebtables ===== | + | ===== ebtables |
- | # Block\\ | + | # Block\\ |
\\ | \\ | ||
- | # Unblock\\ | + | # Unblock\\ |
\\ | \\ | ||
Line 23: | Line 23: | ||
# Flush (unblock all the defined references at once)\\ | # Flush (unblock all the defined references at once)\\ | ||
- | NOTE: you might have additional ebtables in your system so be very careful about flushing the full ebtable. | + | NOTE: you might have additional ebtables in your system so **be very careful** about flushing the full ebtable. |
===== iptables ===== | ===== iptables ===== | ||
- | # Block Internet access (or any intra-vlan)\\ | + | # Block Internet access (or any intra-vlan)\\ |
\\ | \\ | ||
- | # Block any network | + | # Block any network |
\\ | \\ | ||
- | # Unblock just rever whatever command | + | # Unblock just rever whatever command |
\\ | \\ | ||
- | # Flush\\ | + | # Flush\\ |
- | These days, blocking MAC addresses can be tedious task. Many client devices use a MAC randomization function. MAC addresses can " | + | \\ |
+ | |||
+ | These days, blocking MAC addresses can be tedious task. Many client devices use a MAC randomization function. MAC addresses can " | ||
For dealing with this, one alternative is to filter using hostnames. | For dealing with this, one alternative is to filter using hostnames. |