Sunday, March 22, 2015

Block Access during certain period using EBTABLES


Say, we want to block any packets coming from a device with mac address 00:01:02:03:04:05 (in other words, our router/switch should just silently drop any packets coming from this MAC address) during period of time 00:00 (00:00 AM) to 6:00 AM, do:

#ebtables -A INPUT -s 00:01:02:03:04:05  --timestart 0:0 --timestop 06:00 -j DROP


If we just want to drop IPv4 packets for the above:

#ebtables -A INPUT -p IPv4 -s 00:01:02:03:04:05  --timestart 0:0 --timestop 06:00 -j DROP


So, parameters for ebtables are actually similar (yet subset) of iptables (netfilter).

No comments:

Post a Comment