MAC filtering for unsecure IP cams

If you've made a patch to quick fix a bug or to add a new feature not yet in the main tree then post it here so others can try it out.
Post Reply
Sigge
Posts: 116
Joined: Mon May 02, 2016 8:14 am

MAC filtering for unsecure IP cams

Post by Sigge »

Not sure this is the right place but I wanted to share how I did it.

I have a iptable nat:ed network. My set up:

Code: Select all

echo 1 > /proc/sys/net/ipv4/ip_forward
iptables -t nat -A POSTROUTING -o "external nic" -j MASQUERADE
iptables -A FORWARD -i "external nic" -o "internal nic" -m state  --state RELATED,ESTABLISHED -j ACCEPT
iptables -A FORWARD -i "internal nic" -o "external nic" -j ACCEPT

Now, to block a mac address from accessing the internet but still be able to talk to the NAT server where I have Zoneminder:

Code: Select all

iptables -I FORWARD 1 -m mac --mac-source "ipcam mac" -j DROP
Post Reply