I need to block outgoing traffic to my Router using it’s mac as parameter.
My ISP has assigned a public IP address(104.18.0.26) to ISP ZTE make Router on WAN side thus eliminating NAT and Private IP addresses on significance of Router LAN side, thus exposing my laptop to its hackers.
Spoofing and DDoS possible as my pc is exposed to world and especially to ISP insiders who are engaged in cyber crime activity.
I want to protect my PC from ISP hackers using mac as filter.
I have disabled iptables.service and ip6tables.service to avoid conflict as firewalld.service oversees iptables function.
Found some help on internet,
iptables -I INPUT 1 -m mac --mac-source <blacklisted mac 1> -j DROP
OR
while read mac; do iptables -I INPUT -m mac --mac-source $mac -j DROP; done < macs.txt
but the above bash command is meant for blocking incoming mac address, not outgoing. incoming can not be blocked as it is my internet provider router from ISP
I tried modifying the same for blocking outgoing traffic to destination mac(router of ISP)
sudo iptables -I OUTPUT 1 -m mac --mac-destination -j DROP
This results in an error " unknown option “–mac-destination”
Please help me to protect my PC from ISP malicious intentions of using its router mac address for spoofing and DDos attack
Also help me with correct command to block destination IP address using nat tables as tool ,
since using iptables command does not block them.