Hello!
*filter
:INPUT DROP
:FORWARD ACCEPT
:OUTPUT ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -i eth0 -p icmp -m icmp --icmp-type 3,4,5,11,12 -j ACCEPT
-A INPUT -i eth0 -p tcp -s (IP1) -m multiport --dports port1,port2,port3 -m mac --mac-source (MAC1) -j ACCEPT
-A INPUT -i eth0 -p tcp -s (IP2) -m multiport --dports port1,port2,port3 -m mac --mac-source (MAC2) -j ACCEPT
....
-A INPUT -i eth0 -p tcp -s (IPn) -m multiport --dports port1,port2,port3 -m mac --mac-source (MACn) -j ACCEPT
COMMIT
Így jó?
Petya