Readded the mac filter to the outgoing firewall. Added mac groups.

This feature was requested by bug #0000705.
2026-04-26 02:42:58 +02:00 · 2010-09-02 20:04:03 +02:00
parent 4d17a269db
commit d9716b067d
10 changed files with 276 additions and 79 deletions
--- a/src/initscripts/init.d/firewall
+++ b/src/initscripts/init.d/firewall
@@ -147,6 +147,7 @@ case "$1" in
 	/sbin/iptables -N CUSTOMOUTPUT
 	/sbin/iptables -A OUTPUT -j CUSTOMOUTPUT
 	/sbin/iptables -N OUTGOINGFW
+	/sbin/iptables -N OUTGOINGFWMAC
 	/sbin/iptables -A OUTPUT -j OUTGOINGFW
 	/sbin/iptables -t nat -N CUSTOMPREROUTING
 	/sbin/iptables -t nat -A PREROUTING -j CUSTOMPREROUTING
@@ -183,6 +184,8 @@ case "$1" in

 	# Outgoing Firewall
 	/sbin/iptables -A FORWARD -j OUTGOINGFW
+	/sbin/iptables -A FORWARD -j OUTGOINGFWMAC
+	/sbin/iptables -A INPUT -j OUTGOINGFWMAC

 	# localhost and ethernet.
 	/sbin/iptables -A INPUT   -i lo          -m state --state NEW -j ACCEPT