How to block unauthorized users via MAC Address through IPTABLES firewall

Summary: In this article i tried to explain how to block unauthorized users permanently to live without Internet within the office.

I have installed a squid 2.7 transparently and also implemented sarg for reports. but i am facing a problem here. i have configure my network users in dhcp.conf. but there are some other users appears in my sarg reports with a heavy downloads. I want to block unauthorized users permanently and will have to open their access when they will have approved permission from higher management.

now i have to do some thing specials for these guys.
i am going to invite them on lunch.

i just open terminal on my server, and run the command
arp -a

I found all the MAC Address and IP Address. I do have a MAC table of my network users.
Then i copy all the MAC address that are not listed in my MAC table and create another file for them, past all with in a file.
After that i open the terminal and run the following commands to:
To check my iptables Rules:


Then Run the command to block each MAC user that i have in newly created file.Executing the following two commands repeatedly for each user.

iptables -A INPUT -m mac –mac-source 00:xx:6b:xx:05:xx -j DROP
iptables -A FORWARD -m mac –mac-source 00:xx:6b:xx:05:xx -j DROP

then check out the command


and then


All the unauthorized users are blocked now.

If i want to give access to some one later on i will have to follow the simple steps.

iptables -D INPUT -m mac –mac-source 00:xx:6b:xx:05:xx -j DROP
iptables -D FORWARD -m mac –mac-source 00:xx:6b:xx:05:xx -j DROP

service iptables-save to check the specific entry is deleted from IPTABLES-RULES.
Now the Users are authorized and can access the Internet.
Now who is going to pay for lunch. Don’t worry i am going to pay.

Enjoy the fruits
do comments if you like it.

Leave a Reply

Your email address will not be published. Required fields are marked *