Why does ebtables allow traffic from other hosts?

P

Pavel Kaptur2015-11-09 16:10:43

linux

Pavel Kaptur, 2015-11-09 16:10:43

Hello everyone, I ran into a problem, I need to make it so that only people with certain poppy addresses can get to the servers that spin on proxmox 4. All virtual machines are spinning on the server and are available through the vmbr0 interface. For this I decided to use ebtables. I installed the package into the system (it was not there initially) and began to configure and added the following rules

ebtables -A INPUT -s 48:5B:39:5A:A1:C8 -j ACCEPT
ebtables -A OUTPUT -d 48:5B:39:5A:A1:C8 -j ACCEPT
ebtables -P INPUT DROP

but from a different host I can still connect to the servers. Why? where did i go wrong?
this is what ebtables looks like -L

Reply

Answer the question

In order to leave comments, you need to log in

2 answer(s)

R

Ruslan Fedoseev, 2015-11-09
@drem1lin

traffic to servers goes through the server. those. FORWARD

P

Puma Thailand, 2015-11-09
@opium

Macs are only visible if the server is on the same subnet as the client.