Say, we want to block any packets coming from a device with mac address 00:01:02:03:04:05 (in other words, our router/switch should just silently drop any packets coming from this MAC address) during period of time 00:00 (00:00 AM) to 6:00 AM, do:
#ebtables -A INPUT -s 00:01:02:03:04:05 --timestart 0:0 --timestop 06:00 -j DROP
If we just want to drop IPv4 packets for the above:
#ebtables -A INPUT -p IPv4 -s 00:01:02:03:04:05 --timestart 0:0 --timestop 06:00 -j DROP
So, parameters for ebtables are actually similar (yet subset) of iptables (netfilter).
No comments:
Post a Comment