The content of this topic has been archived on 7 Apr 2018. There are no obvious gaps in this topic, but there may still be some posts missing at the end.
hello, I will want to block a mac address by iptables but does not function I installed libipt_mac.so however
@OpenWrt:/usr/lib/iptables# iptables -I FORWARD -m mac --mac-source 00:50:FC:F5:18:5E -j DROP
iptables: No chain/target/match by that name
... 
:cry:
You need to install the linux kernel module ipt_mac.o.
You can compile it into kernel (hint make menuconfig) or copy it from kmodes.tar.gz, which is created by openwrt compilation, if you have choosen linux mac matching to be build as kernel module.
If you load it as module, don't forget to insmod ipt_mac afterwards.
The module is located in /lib/modules/2.4.20.../netfilter.
I installed the packages : http://nthill.free.fr/nicowrt/ipkg/2004 … mipsel.ipk I am beginner under linux then compilation is hard for me;)
@OpenWrt:/lib/modules/2.4.20/netfilter# ls
ipt_mac.o
...
It just needs to get loaded.
cat /proc/modules
insmod ipt_mac
@OpenWrt:/proc# cat modules
wl 348968 1
et 21968 1
diag 2080 0 (unused)
@OpenWrt:/proc#
:cry: :cry: :cry: :cry: :cry:
You need the libipt_mac.so library in /usr/lib (download here for iptables 1.2.9 http://www.cidis.ws/proyectos/libipt_mac.so)
. Then write insmod ipt_mac command and finally your iptables will accept mac match. 
The discussion might have continued from here.