iptables MAC Filter for Forwarding
Long story short, I need a firewall that filters by MAC address.
My problem is MAC address filtering does not seem to be working for forwarded packets. I am not using nat or masquerade.
Without any rules restricting the traffic, forwarding works great.
I have tested MAC filtering in the INPUT table and it seems to work fine. (I can block access or permit access to the machine this way.)
I have tried filtering by MAC in the FORWARD table, the nat PREROUTING and in mangle PREROUTING (at separate times). Filtering by IP in all of these places works without a problem.
I am using Debian, with the default 2.4.27 kernel and iptables 1.2.11.