Block list of client based on MAC address using IPTables

I want to block a list of clients who are accessing TCP port 8080. The blocking is based on MAC address. I have the MAC details in a text file. Is it possible to give the MAC input to iptables from a text file?
rajasekarramasamy Asked:

Matt V Commented:
Are these clients on the local network?  If not, then this will not work.

Assuming the clients are on the local network, here is the command you need:

iptables -A INPUT -m mac --mac-source 00:0F:EA:91:04:08 -j DROP

Replace the MAC address with the ones in your list and you should be all set.
Matt V Commented:
Just re-reading, if you only want to block on port 8080, you need to modify the command or you can open only the ports you want them to access using something like this:

iptables -A INPUT -p tcp --destination-port 22 -m mac --mac-source 00:0F:EA:91:04:07 -j ACCEPT

which would allow access to SSH from the specified MAC address.  Be sure to put the allows before the rejects in your rules list.
rajasekarramasamy Author Commented:
Hi mattvmotas,

I have 30 MAC addresses in a mac.txt file. Is iptables able to read the 30 MAC addresses from the mac.txt file?
Matt V Commented:
You will have to enter 1 iptables command for each address.  You could probably write a bash script to read the file and issue the commands, but for 30 addresses, I would just type them in.
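
One way to write the script mentioned in the last reply, as an added example that is not part of the original thread: it reads a MAC list, validates every entry, and prints one DROP rule per address for TCP port 8080 using the same iptables options quoted above. The function names and the one-address-per-line file layout are assumptions; the rules are appended with -A, so any ACCEPT rule already ahead of them in INPUT still wins.

```shell
#!/bin/sh
# Added example (not from the thread): turn a MAC list into iptables rules.
# Commands are printed, not executed, so they can be reviewed before being
# piped to "sh" as root.

# gen_mac_block_rules FILE [PORT]   (hypothetical helper name)
#   FILE: one MAC address per line; blank lines and "#" comments are skipped.
#   PORT: TCP destination port to block (default 8080, as in the question).
# Returns 1 on a bad argument, 2 if any line was rejected as malformed.
gen_mac_block_rules() {
    file=$1
    port=${2:-8080}
    rc=0
    cr=$(printf '\r')
    [ -r "$file" ] || { echo "cannot read: $file" >&2; return 1; }
    case $port in
        ''|*[!0-9]*) echo "bad port: $port" >&2; return 1 ;;
    esac
    while read -r mac _rest || [ -n "$mac" ]; do
        mac=${mac%%#*}          # drop a comment glued to the address
        mac=${mac%"$cr"}        # drop a CR left by Windows line endings
        [ -n "$mac" ] || continue
        # Strict format check: the output is meant to be run by a shell, so
        # nothing but six hex octets may reach the generated command line.
        if ! printf '%s\n' "$mac" | grep -Eq '^([0-9A-Fa-f]{2}:){5}[0-9A-Fa-f]{2}$'; then
            echo "skipping malformed entry: $mac" >&2
            rc=2
            continue
        fi
        mac=$(printf '%s' "$mac" | tr 'a-f' 'A-F')
        printf 'iptables -A INPUT -p tcp --destination-port %s -m mac --mac-source %s -j DROP\n' \
            "$port" "$mac"
    done < "$file"
    return $rc
}

# Demo on a constructed list that reuses the two addresses quoted in the thread.
demo_mac_rules() {
    tmp=$(mktemp) || return 1
    printf '%s\n' '# blocked clients' '00:0f:ea:91:04:08' '' \
        '00:0F:EA:91:04:07  # lab PC' 'not-a-mac; reboot' > "$tmp"
    st=0
    gen_mac_block_rules "$tmp" 8080 || st=$?
    rm -f "$tmp"
    return $st
}
```

Review the printed rules first, then apply them with something like `gen_mac_block_rules mac.txt | sh` run as root.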
