ola pessoal, espero que alguem possa me ajudar!
montei um firewall com controle de MAC x IP
ele esta controlando ip e mac perfeitamente so que estou tendo o seguinte problema:
os clientes não navegam, nao pinga o servidor e nem o proprio servidor pinga o ip dele mesmo.
fico agrade... com sua colabora.....
#!/bin/bash
MACLIST=/etc/maclist
### Forward
echo 1 > /proc/sys/net/ipv4/ip_forward
/sbin/modprobe iptable_nat
/sbin/modprobe iptable_filter
/sbin/modprobe iptable_mangle
/sbin/modprobe ip_tables
/sbin/modprobe ip_conntrack
/sbin/modprobe ip_conntrack_ftp
/sbin/modprobe ip_queue
/sbin/modprobe ip_nat_ftp
/sbin/modprobe ip_nat_irc
/sbin/modprobe ipt_limit
/sbin/modprobe ipt_conntrack
/sbin/modprobe ipt_mac
/sbin/modprobe ipt_mark
/sbin/modprobe ipt_multiport
/sbin/modprobe ipt_owner
/sbin/modprobe ipt_state
/sbin/modprobe ipt_tcpmss
/sbin/modprobe ipt_tos
/sbin/modprobe ipt_LOG
/sbin/modprobe ipt_REJECT
/sbin/modprobe ipt_MASQUERADE
/sbin/modprobe ipt_MARK
/sbin/modprobe ipt_REDIRECT
/sbin/modprobe ipt_TCPMSS
/sbin/modprobe ipt_TOS
iptables -F
iptables -t nat -F
iptables -t filter -F
iptables -t mangle -F
iptables -P FORWARD ACCEPT
iptables -A INPUT -i lo -j ACCEPT
iptables -A OUTPUT -o lo -j ACCEPT
### Inicio Controle MAC e Regras para Graficos - Clientes
for i in `cat $MACLIST`; do
STATUS=`echo $i | cut -d ';' -f 1`
IPSOURCE=`echo $i | cut -d ';' -f 3`
MACSOURCE=`echo $i | cut -d ';' -f 2`
# Compara IP e MAC
iptables -A INPUT -s $IPSOURCE -m mac --mac-source $MACSOURCE -j ACCEPT
# NAT
iptables -t filter -A FORWARD -d 0/0 -s $IPSOURCE -m mac --mac-source $MACSOURCE -j ACCEPT
iptables -t filter -A FORWARD -d $IPSOURCE -s 0/0 -j ACCEPT
iptables -t nat -A POSTROUTING -s $IPSOURCE -d 0/0 -j MASQUERADE
# Proxy
iptables -A INPUT -s $IPSOURCE --match mac --mac-source $MACSOURCE -p tcp --dport 8080 -j ACCEPT
iptables -t nat -A PREROUTING -s $IPSOURCE --match mac --mac-source $MACSOURCE -p tcp --dport 80 -j REDIRECT --to-port 8080
# Bloqueia Restante
iptables -t filter -P FORWARD DROP
iptables -A INPUT -i eth0 -j DROP
done
### Fim Controle MAC