How to limit certain MACs access to internal lan but allow then to wan access

Discussion in 'Tomato Firmware' started by kenyloveg, Sep 1, 2009.

  1. kenyloveg

    kenyloveg LI Guru Member

    Hi, Guys
    I'm trying to figure out how to limit certain MAC address to access internal lan address, but allow them to access outside via wan.
    Here are the scripts I've already added to firewall
    iptables -D FORWARD -i br0 -j ACCEPT
    iptables -A FORWARD -i br0 -j ACCEPT
    iptables -A wanout -i br0 -m mac --mac-source XX:XX:XX:XX:XX:XX -j ACCEPT
    iptables -A wanout -i br0 -d -j ACCEPT
    iptables -A wanout -i br0 -p udp --dport 8000 -j ACCEPT
    iptables -A wanout -i br0 -p tcp --dport 443 -j ACCEPT
    iptables -A wanout -i br0 -j DROP
    Could somebody help me to add the scripts but compatible with my original code?
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice