Code:
# Reads dhcpd.conf from the current directory and PRINTS (does not run) one
# iptables command for each of the addresses .1 to .24 under the prefix taken
# from the "subnet" line.
#
# Parsing assumptions (confirm against your own file):
#  - each "host ... {" line is followed directly by the "hardware ethernet"
#    line and then the "fixed-address" line;
#  - those two lines are presumably indented, so that the MAC lands in $4 and
#    the IP in $3 under this field separator.
#
# Review notes before feeding the output to a shell:
#  - A host with a fixed address gets only an ACCEPT rule (source IP + listed
#    TCP destination ports + source MAC). No DROP is emitted for that address,
#    so packets from it that miss the ACCEPT (other ports, other MAC) are
#    decided by the rest of the FORWARD chain and its policy. Unless something
#    later in the chain drops them, those hosts are not actually restricted.
#  - The MAC match compares a value chosen by the sending host; treat it as
#    bookkeeping, not as authentication.
#  - Only .1 to .24 are covered; other source addresses get no rule from here.
#  - MAC and IP strings are copied unchecked from the file into command text,
#    so inspect the generated lines before executing them.
awk -F"[ ;]*" '
# Remember the network address given on the subnet declaration.
/^subnet/ {
    net = $2
}

# Host block opener: pull the following two lines in with getline.
/^ *host.* {/ {
    getline                     # expected: hardware ethernet <MAC>;
    hwaddr = $4
    getline                     # expected: fixed-address <IP>;
    mac_of[$3] = hwaddr
}

END {
    # Strip the last octet and keep the trailing dot, e.g. a.b.c.d becomes a.b.c.
    sub(/[^.]*$/, "", net)

    for (n = 1; n < 25; n++) {
        ip = sprintf("%s%d", net, n)
        printf "iptables -I FORWARD -s %s", ip
        if (ip in mac_of) {
            # Known host: allow the listed TCP ports, tied to its recorded MAC.
            print " -p tcp -m multiport --dports 110,143,25,465,585,993,995,80,443 -m mac --mac-source " mac_of[ip] " -j ACCEPT"
        } else {
            # No fixed-address entry for this address: drop everything from it.
            print " -j DROP"
        }
    }

    # The redirection sits inside the string literal, so these MAC/IP pairs
    # are printed to stdout with that text appended; no file is written.
    for (ip in mac_of) {
        print mac_of[ip], ip, " > ./etc_ethers"
    }
}
' dhcpd.conf
iptables -I FORWARD -s 192.168.0.1 -j DROP
iptables -I FORWARD -s 192.168.0.2 -j DROP
iptables -I FORWARD -s 192.168.0.3 -j DROP
iptables -I FORWARD -s 192.168.0.4 -j DROP
iptables -I FORWARD -s 192.168.0.5 -j DROP
iptables -I FORWARD -s 192.168.0.6 -p tcp -m multiport --dports 110,143,25,465,585,993,995,80,443 -m mac --mac-source 00:71:CC:6E:A3:33 -j ACCEPT
iptables -I FORWARD -s 192.168.0.7 -p tcp -m multiport --dports 110,143,25,465,585,993,995,80,443 -m mac --mac-source C0:38:96:72:8B:5B -j ACCEPT
iptables -I FORWARD -s 192.168.0.8 -p tcp -m multiport --dports 110,143,25,465,585,993,995,80,443 -m mac --mac-source 08:ED:B9:08:94:09 -j ACCEPT
iptables -I FORWARD -s 192.168.0.9 -p tcp -m multiport --dports 110,143,25,465,585,993,995,80,443 -m mac --mac-source D0:53:49:CB:FE:0F -j ACCEPT
iptables -I FORWARD -s 192.168.0.10 -p tcp -m multiport --dports 110,143,25,465,585,993,995,80,443 -m mac --mac-source C4:8E:8F:8F:45:A7 -j ACCEPT
iptables -I FORWARD -s 192.168.0.11 -j DROP
iptables -I FORWARD -s 192.168.0.12 -j DROP
iptables -I FORWARD -s 192.168.0.13 -j DROP
iptables -I FORWARD -s 192.168.0.14 -j DROP
iptables -I FORWARD -s 192.168.0.15 -j DROP
iptables -I FORWARD -s 192.168.0.16 -j DROP
iptables -I FORWARD -s 192.168.0.17 -j DROP
iptables -I FORWARD -s 192.168.0.18 -j DROP
iptables -I FORWARD -s 192.168.0.19 -j DROP
iptables -I FORWARD -s 192.168.0.20 -j DROP
iptables -I FORWARD -s 192.168.0.21 -j DROP
iptables -I FORWARD -s 192.168.0.22 -j DROP
iptables -I FORWARD -s 192.168.0.23 -j DROP
iptables -I FORWARD -s 192.168.0.24 -j DROP
D0:53:49:CB:FE:0F 192.168.0.9 > ./etc_ethers
08:ED:B9:08:94:09 192.168.0.8 > ./etc_ethers
C0:38:96:72:8B:5B 192.168.0.7 > ./etc_ethers
00:71:CC:6E:A3:33 192.168.0.6 > ./etc_ethers
C4:8E:8F:8F:45:A7 192.168.0.10 > ./etc_ethers