Use iptables: http://www.cyberciti.biz/tips/iptables-mac-address-filtering.html

GUI tools and scripts exist to help you with the configuration of ipchains. See:

- EasyFw - Tcl/Tk - RPM available from web site. RPM installs command: /usr/local/bin/easyfw
- Firestarter - Configuration of firewall and real-time hit monitor for the Gnome desktop. Configures ipchains (kernel 2.2) and iptables (kernel 2.4)
- Firewall Builder - iptables, ipfilter and OpenBSD PF. (GTK--)

Included with Red Hat 7.x is the Gnome GUI tool gnome-lokkit. (ipchains)

Tools for iptables configuration:

- Webmin - Linux web admin tool
- Shorewall
- NARC: Netfilter Automatic Rule Configurator

What is your distro? Webmin might assist you the easiest?

But basically, an iptable is a text file. iptables is a daemon that runs. You can save the tables to text on the fly:

iptables-save >/root/tablesfiles

without saving them forever and edit them to look something like (change for your ports and your MAC addresses) this very basic version:

# Generated by iptables-save v1.4.1.1 on Tue May 5 17:50:52 2009
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [373535:34202389]
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -m mac --mac-source 00:14:BF:7A:4D:2D -j ACCEPT
-A INPUT -m mac --mac-source 00:18:DE:A5:00:41 -j ACCEPT
-A INPUT -j DROP
-A INPUT -p icmp -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -j REJECT --reject-with icmp-host-prohibited
-A INPUT -s 127.0.0.1/32 -p tcp -m tcp --dport 3306 -j ACCEPT
-A INPUT -s 127.0.0.1/32 -p tcp -m tcp --dport 25 -j ACCEPT
-A INPUT -s 204.13.248.71/32 -p tcp -m tcp --dport 2525 -j ACCEPT
-A INPUT -s 192.168.1.0/24 -p tcp -m tcp --dport 3306 -j DROP
-A INPUT -s 127.0.0.1/32 -p udp -m udp --dport 68 -j ACCEPT
-A INPUT -s 192.168.1.1/32 -p udp -m udp --dport 68 -j ACCEPT
-A INPUT -s 192.168.1.0/24 -p tcp -m tcp --dport 22 -j ACCEPT
-A INPUT -p tcp -m state --state NEW -m tcp --dport 22 -j DROP
-A INPUT -s 127.0.0.1/32 -p udp -m udp --dport 123 -j ACCEPT
-A INPUT -s 192.168.1.0/24 -p udp -m udp --dport 123 -j ACCEPT
-A INPUT -s 127.0.0.1/32 -p udp -m udp --dport 631 -j DROP
-A INPUT -s 192.168.1.0/24 -p udp -m udp --dport 631 -j DROP
-A INPUT -s 127.0.0.1/32 -p udp -m udp --dport 52421 -j DROP
-A INPUT -s 192.168.1.0/24 -p udp -m udp --dport 52421 -j DROP
-A INPUT -s 192.168.2.0/24 -p tcp -m tcp -j DROP
-A INPUT -s 192.168.2.0/24 -p udp -m udp -j DROP
-A INPUT -p tcp -m tcp --dport 3306 -j REJECT --reject-with icmp-port-unreachable
-A INPUT -p udp -m udp --dport 68 -j REJECT --reject-with icmp-port-unreachable
-A INPUT -p udp -m udp --dport 123 -j REJECT --reject-with icmp-port-unreachable
-A INPUT -p udp -m udp --dport 631 -j REJECT --reject-with icmp-port-unreachable
-A INPUT -p udp -m udp --dport 52421 -j REJECT --reject-with icmp-port-unreachable
-A FORWARD -j REJECT --reject-with icmp-host-prohibited
COMMIT
# Completed on Tue May 5 17:50:52 2009

# /sbin/iptables-restore

wrote:
> I have a situation where I will want to prevent individuals from
> connecting to my server based on their MAC id. I've not selected
> ANYTHING yet... suggestions? A nice GUI frontend would be cool. :-)
> (Kubuntu 8.04.2)

--
www.obnosis.com (503)754-4452
"Contradictions do not exist." A. Rand
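
iptables evaluates a chain top to bottom and stops at the first terminating rule that matches, so in the ruleset above every INPUT rule placed after the match-less `-A INPUT -j DROP` is never evaluated. The following check is an added example, not part of the original post: it reads iptables-save text and reports such shadowed rules. The function name `find_unreachable` and the sample ruleset (including its MAC address) are constructed for illustration.

```python
import shlex

TERMINAL = {"ACCEPT", "DROP", "REJECT"}  # targets that end traversal of a chain

# Constructed sample in iptables-save format, shaped like the ruleset above.
SAMPLE = """\
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -m mac --mac-source 00:00:5E:00:53:01 -j ACCEPT
-A INPUT -j DROP
-A INPUT -p icmp -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A FORWARD -j REJECT --reject-with icmp-host-prohibited
COMMIT
"""


def find_unreachable(save_text):
    """Return (line_no, chain, shadowing_line_no, rule) for each rule that
    follows an unconditional terminating rule in the same table and chain."""
    findings = []
    table = None
    catch_all = {}  # (table, chain) -> line number of the first catch-all rule
    for line_no, raw in enumerate(save_text.splitlines(), start=1):
        line = raw.strip()
        if line.startswith("*"):
            table = line[1:]
            continue
        if not line.startswith("-A "):
            continue  # comments, chain policies, COMMIT
        tokens = shlex.split(line)
        chain = tokens[1]
        key = (table, chain)
        if key in catch_all:
            findings.append((line_no, chain, catch_all[key], line))
            continue
        # iptables-save writes matches before "-j", so a rule with nothing
        # between the chain name and "-j" matches every packet.
        if len(tokens) >= 4 and tokens[2] == "-j" and tokens[3] in TERMINAL:
            catch_all[key] = line_no
    return findings


if __name__ == "__main__":
    for line_no, chain, by, rule in find_unreachable(SAMPLE):
        print(f"line {line_no}: never reached ({chain} ends at line {by}): {rule}")
```

Running it over the output of `iptables-save` before loading a file with `iptables-restore` shows whether the catch-all rule sits at the end of the chain, where a default-deny rule belongs.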