holm/shorewall_code
1
0
Fork 0
forked from extern/shorewall_code
Code Pull Requests Activity

Make MAC restrictions clearer

Browse Source 
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@1059 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
This commit is contained in:
teastep 2004-01-06 15:40:02 +00:00
parent 5c9c9d97fd
commit ede92b5424
1 changed files with 11 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

18
Shorewall-docs/MAC_Validation.xml
View File

@ -15,14 +15,10 @@
</author> </author>
</authorgroup> </authorgroup>
<pubdate>2002-06-30</pubdate> <pubdate>2004-01-06</pubdate>
<copyright> <copyright>
<year>2001</year> <year>2001-2004</year>
<year>2002</year>
<year>2003</year>
<holder>Thomas M. Eastep</holder> <holder>Thomas M. Eastep</holder>
</copyright> </copyright>
@ -39,7 +35,15 @@
<para>All traffic from an interface or from a subnet on an interface can be <para>All traffic from an interface or from a subnet on an interface can be
verified to originate from a defined set of MAC addresses. Furthermore, each verified to originate from a defined set of MAC addresses. Furthermore, each
MAC address may be optionally associated with one or more IP addresses.</para> MAC address may be optionally associated with one or more IP addresses. Note
that </para>
<important>
<para><emphasis role="bold">MAC addresses are only visible within a
ethernet segment so all MAC addresses used in verification must belong to
devices physically connected to one of the LANs to which your firewall is
connected.</emphasis></para>
</important>
<important> <important>
<para><emphasis role="bold">Your kernel must include MAC match support <para><emphasis role="bold">Your kernel must include MAC match support