NAME
maclist - shorewall6 MAC Verification file
SYNOPSIS
/etc/shorewall6/maclist
DESCRIPTION
This file is used to define the MAC addresses and optionally their
associated IPv6 addresses to be allowed to use the specified interface.
The feature is enabled by using the maclist option in the
shorewall6-interfaces[1](5) or shorewall6-hosts[2](5) configuration
file.
The columns in the file are as follows.
DISPOSITION - {ACCEPT|DROP|REJECT}[:log-level]
ACCEPT or DROP (if MACLIST_TABLE=filter in shorewall6.conf[3](5),
then REJECT is also allowed). If specified, the log-level causes
packets matching the rule to be logged at that level.
INTERFACE - interface
Network interface to a host.
MAC - address
MAC address of the host -- you do not need to use the shorewall6
format for MAC addresses here. If IP ADDRESSESES is supplied then
MAC can be supplied as a dash (-)
IP ADDRESSES (Optional) - [address[,address]...]
If specified, both the MAC and IP address must match. This column
can contain a comma-separated list of host and/or subnet addresses.
If your kernel and ip6tables have iprange match support then IP
address ranges are also allowed. Similarly, if your kernel and
ip6tables include ipset support than set names (prefixed by "+")
are also allowed.
FILES
/etc/shorewall6/maclist
SEE ALSO
http://shorewall.net/MAC_Validation.html
shorewall6(8), shorewall6-accounting(5), shorewall6-actions(5),
shorewall6-blacklist(5), shorewall6-hosts(5), shorewall6-interfaces(5),
shorewall6-params(5), shorewall6-policy(5), shorewall6-providers(5),
shorewall6-route_rules(5), shorewall6-routestopped(5),
shorewall6-rules(5), shorewall6.conf(5), shorewall6-tcclasses(5),
shorewall6-tcdevices(5), shorewall6-tcrules(5), shorewall6-tos(5),
shorewall6-tunnels(5), shorewall6-zones(5)
NOTES
1. shorewall6-interfaces
http://www.shorewall.net/manpages6/shorewall6-interfaces.html
2. shorewall6-hosts
http://www.shorewall.net/manpages6/shorewall6-hosts.html
3. shorewall6.conf
http://www.shorewall.net/manpages6/shorewall6.conf.html
[FIXME: source] 06/17/2010