I have a question that I hope someone can help me with...

I am running a RH7.3 installed machine as an IP Masquerade firewall between my LAN and my wireless LAN. I have my switch with all of my wireless Access Points on eth1, and my LAN connection on eth0. With this set I have made a bash script that executes the following:

    iptables -F
    iptables -t nat -F
    iptables -t mangle -F
    iptables -t nat -A POSTROUTING -o eth0 -j SNAT --to 192.168.252.251 #(IP of eth0)
    echo 1 > /proc/sys/net/ipv4/ip_forward
    iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
    iptables -A INPUT -m state --state NEW -i ! eth0 -j ACCEPT
    iptables -P INPUT DROP

Now after all that it works great! A wireless client connects to the Access Point, gets a correct IP from DHCP (the Linux firewall), and then browses the web. Web pages, mounting drives, everything works great....

My problem is this... I want to know if it is possible to create a list of MAC addresses that netfilter (iptables) can verify against to decide if it should allow a client to be routed. So when the clients start their computer up, they get an IP, begin browsing, and the server looks at the packet and verifies if the packet should be dropped or accepted according to MAC address.

If anyone has an idea, I'd love to hear from them... Or even a better solution to reach my goal. Either-or.

Thanks a mil!

Forrest Beck
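
An added example, not part of the original post: one way to express the MAC allowlist asked about above, using the iptables `mac` match in the FORWARD chain. The script only prints the commands for review; the `WLAN_MAC` chain name, the allowlist format and the sample addresses are assumptions made up for the illustration, and eth1 is taken from the post as the wireless side.

```shell
#!/bin/sh
# Added example: print iptables commands enforcing a MAC allowlist on eth1.
# Assumed/hypothetical: the WLAN_MAC chain name and the allowlist format
# (one MAC per line, '#' starts a comment). eth1 is the wireless side per the post.
WLAN_IF="eth1"
CHAIN="WLAN_MAC"

# Constructed sample allowlist; the last entry is deliberately malformed.
SAMPLE_ALLOWLIST='# laptop
00:11:22:33:44:55
aa:bb:cc:dd:ee:ff   # office PC
00:11:22:33:44
'

# Succeeds only for six colon-separated hex octets.
valid_mac() {
    printf '%s\n' "$1" | grep -Eq '^([0-9A-Fa-f]{2}:){5}[0-9A-Fa-f]{2}$'
}

# Reads an allowlist on stdin and prints the rule set on stdout.
# Malformed entries go to stderr and never reach a rule.
gen_rules() {
    echo "iptables -N $CHAIN"
    # Everything routed in from the wireless side is checked first.
    echo "iptables -A FORWARD -i $WLAN_IF -j $CHAIN"
    while IFS= read -r line || [ -n "$line" ]; do
        mac=$(printf '%s\n' "$line" | sed -e 's/#.*//' -e 's/[[:space:]]//g')
        if [ -z "$mac" ]; then
            continue
        elif valid_mac "$mac"; then
            # RETURN hands a listed client back to FORWARD for normal handling.
            echo "iptables -A $CHAIN -m mac --mac-source $mac -j RETURN"
        else
            echo "skipping malformed entry: $mac" >&2
        fi
    done
    # Unlisted source MACs are not routed.
    echo "iptables -A $CHAIN -j DROP"
}

# Print the rules for the sample list so they can be reviewed before use.
printf '%s' "$SAMPLE_ALLOWLIST" | gen_rules
```

The `mac` match is only valid in the PREROUTING, FORWARD and INPUT chains, and these rules leave the INPUT chain alone, so an unlisted client can still obtain a DHCP lease but is not routed. A client chooses its own source MAC, so treat the list as a coarse filter rather than authentication.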