So I've set an iptables rule to block the MAC address:
sudo iptables -I INPUT -m mac --mac-source 84:57:33:b9:39:27 -j REJECT
But I can't save the iptables rule with firewalld.
So is there any easy way to save the current runtime of iptables?
What should I do?
Any ideas welcome.
Mmm, I performed a test.
If on host B you use such a rule to block host A's MAC address, host A can’t reach host B, but… host B can reach host A.
Sorry, but I’m not much of an expert. It seems to be something related to chain precedence, or stuff like that. It seems that MAC address support in firewalld is a little bit incomplete.
I actually changed the line from REJECT to DROP.
It's absurd and highly irregular for my Fedora PC to have an ARP cache entry from my Xbox One, as they have no compatible software or any relevant connection whatsoever, hence changing REJECT to DROP. The software on the Xbox doesn’t need to know that data isn’t passing the firewall on my workstation, as it (and its programmers) have no business sending data to my Linux workstation in the first place.
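An added example, not part of the thread above: firewalld can persist a MAC-based block itself through a rich rule, so the raw iptables rule does not need saving. The script prints the runtime and permanent `firewall-cmd` commands for the MAC from the question; the zone name `FedoraWorkstation` and the function names are assumptions.

```shell
#!/bin/sh
# Added example: build the firewalld commands that persist a MAC-based drop.
# Prints the commands by default; set APPLY=1 to run them (needs root).

# Return 0 if $1 is six colon-separated hex octets.
is_mac() {
    printf '%s\n' "$1" | grep -Eq '^([0-9A-Fa-f]{2}:){5}[0-9A-Fa-f]{2}$'
}

# Emit the rich rule text for a MAC address (lower-cased).
mac_drop_rule() {
    is_mac "$1" || { echo "invalid MAC: $1" >&2; return 1; }
    mac=$(printf '%s' "$1" | tr 'A-F' 'a-f')
    printf 'rule source mac="%s" drop' "$mac"
}

# Print (or, with APPLY=1, run) the commands for zone $1 and MAC $2.
# The rule is added twice: once to the runtime config, once with --permanent
# so that it survives a reload or reboot.
persist_mac_drop() {
    zone=$1
    rule=$(mac_drop_rule "$2") || return 1
    for scope in "" "--permanent"; do
        if [ "${APPLY:-0}" = 1 ]; then
            firewall-cmd $scope --zone="$zone" --add-rich-rule="$rule" || return 1
        else
            echo "firewall-cmd${scope:+ $scope} --zone=$zone --add-rich-rule='$rule'"
        fi
    done
}

# Dry run with the MAC from the question; the zone name is an assumption
# (check yours with: firewall-cmd --get-default-zone).
persist_mac_drop FedoraWorkstation 84:57:33:b9:39:27
```

Like the iptables INPUT rule, this filters inbound traffic only, and a MAC match is only meaningful for hosts on the same layer-2 segment.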