Firewalld MAC filter

Hey Guys,

This is slightly OFF topic, but since you are the best at what you do, I’ll ask you all. :slight_smile:

Environment: Two CentOS 7 machines with Libvirt installed + 2 virtual PCs on each. So host A has B and C virtual machines and host D has E and F virtual machines.
I want to connect B to D and C to F with an ethernet cable from host A to D. I’ve added the specific NICs to the machines, all good.

Now, a situation: some “bad guy” comes, unplugs the cable, puts his own computer in, hacks the system. To prevent this, I want machine B to accept packages on its NIC only if the package is from a specific MAC address. Same goes for C, E and F virtual hosts. Now I remember there was something called MAC filtering in iptables, although I’ve never used iptables (I’m too young for that sh*t. :smiley:). Is the same available in firewalld? To filter traffic to specific MAC addresses.

Hope I’m not breaking the rules with this topic. If I do, do not hesitate to remove it.

Cheers for the help!


It seems firewalld supports it out of the box.

Check this:

How did I miss this? :confused: Unfortunately I can’t use NethServer in this project, but I’ll definitely push towards this in future projects.

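An added example, not taken from the posts above or from the firewalld project: one way to express the MAC restriction asked about with plain `firewall-cmd`, by binding the peer's MAC as a zone source and putting the link's interface in the `drop` zone. The interface `eth1`, the zone name `peerlink` and the MAC are constructed placeholders, and it assumes a firewalld version that accepts MAC addresses as zone sources.

```sh
# Added example. Interface, zone name and MAC are constructed placeholders.

# Print a MAC in lowercase colon form; fail if malformed or not unicast.
normalize_mac() {
    local mac
    mac=$(printf '%s' "$1" | tr 'A-F-' 'a-f:')
    printf '%s' "$mac" | grep -Eq '^([0-9a-f]{2}:){5}[0-9a-f]{2}$' || return 1
    # An odd first octet is a multicast/broadcast address, never a valid sender.
    case "$mac" in ?[13579bdf]:*) return 1 ;; esac
    printf '%s\n' "$mac"
}

# Print the firewall-cmd sequence (default), or execute it when APPLY=1.
peer_mac_lockdown() {
    local iface="$1" zone="$2" mac run=echo
    mac=$(normalize_mac "$3") || { echo "invalid unicast MAC: $3" >&2; return 1; }
    [ "${APPLY:-0}" = 1 ] && run=
    # Source bindings are matched before interface bindings, so frames from
    # the peer MAC land in the accepting zone ...
    $run firewall-cmd --permanent --new-zone="$zone"
    $run firewall-cmd --permanent --zone="$zone" --set-target=ACCEPT
    $run firewall-cmd --permanent --zone="$zone" --add-source="$mac"
    # ... and everything else arriving on the link falls into the drop zone.
    $run firewall-cmd --permanent --zone=drop --change-interface="$iface"
    $run firewall-cmd --reload
}

# Dry run with constructed values (QEMU/KVM-style MAC).
peer_mac_lockdown eth1 peerlink 52:54:00:AA:BB:CC
```

A MAC source binding matches on every interface and a MAC address can be set by the sender, so this narrows which device the link accepts traffic from but does not authenticate the peer.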