Chặn địa chỉ MAC trên Mikrotik
|
just joined Show
How to block MAC AddressesSun May 08, 2011 7:19 pm Am running DHCP in a large Campground. Are not using Hotspot or Usermanager. Is there a way to block the MAC addresses or refuse a DHCP lease?
just joined Topic Author Posts: 10Joined: Wed Mar 30, 2011 4:41 amRe: How to block MAC AddressesSun May 15, 2011 4:41 am I've been looking around in the manual and don't think I have found the correct area. Can you please point me to the proper area of the manual? Are there any examples? Thanks
Forum
Guru  Re: How to block MAC AddressesSun May 15, 2011 6:27 am Are you looking to blacklist (default permit, deny a few specific addresses) or whitelist (default deny, permit a few specific addresses)? Specific answers require specific questions. When in doubt, post the output of "/ip address print detail", "/ip route print detail", "/interface print detail", "/ip firewall export", and an accurate network diagram.
just joined Topic Author Posts: 10Joined: Wed Mar 30, 2011 4:41 amRe: How to block MAC AddressesMon May 16, 2011 12:57 am We need to deny a few stations when they abuse their bandwidth share. This will probably not happen more than once a week during the summer only. Thanks
Forum Guru Re: How to block MAC AddressesMon May 16, 2011 1:09 am Specific answers require specific questions. When in doubt, post the output of "/ip address print detail", "/ip route print detail", "/interface print detail", "/ip firewall export", and an accurate network diagram.
Frequent
Visitor Re: How to block MAC AddressesFri Jul 15, 2011 8:43 am Is there a way to block MAC from getting dhcp lease? I have this one MAC address that's filling up my log b/c it can't get the lease with success... I tried the above, but dchp still trying to give out lease...
Frequent
Visitor Re: How to block MAC AddressesMon Jul 18, 2011 11:05 pm SOLVED. Tried the filter rules, but none worked for me. Not sure how to do code so someone else can translate if they like but here's what worked for me: IP --> DHCP Server --> Leases --> Add new --> General="Pool_Name", MAC Address="MAC address of desired blocked", Server="Name of DHCP Server failing", Block access = yes, Address List = Black-list Hope that helps someone else
just joined Posts: 1Joined: Thu May 09, 2013 6:33 amRe: How to block MAC AddressesThu May 09, 2013 7:10 am
I tried this and the offending MAC addresses still got their IP address perfectly OK. Not only that, but as can be seen on the attached file, one of the offending MAC addresses ALSO got a lease for 99 days instead of the 8 days programmed in DHCP server, like all other leases. Note: I DO NOT have a list of addresses called "black-list". I did, however, try first with that box empty, with the same result. I rebooted the whole system each time. Please help. You do not have the required permissions to view the files attached to this post.
just joined Posts: 20Joined: Sun Dec 09, 2007 1:21 pmRe: How to block MAC AddressesFri Apr 04, 2014 3:10 pm make the mac have a static address (click make static) edt the static address to a diff subnet
just joined Posts: 24Joined: Mon Jun 20, 2016 9:42 pmLocation: UAE/Pakistan Contact:Re: How to block MAC AddressesWed Nov 02, 2016 8:54 am
Dear Users, I am new to use Mikrotik router, I want to ask that i have a user who make hotspot with the LAN, and use internet very much, and i want to block the MAC of this device A4:08:EA:06:13:BE Can any one tell me how to block MAC address in Mikrotik Router.
just joined Posts: 24Joined: Mon Jun 20, 2016 9:42 pmLocation: UAE/Pakistan Contact:Re: How to block MAC AddressesWed Nov 02, 2016 4:21 pm
I have an issue ,i blocked one MAC of a user with this method but it is not working: On the “Firewall” window, select the “+” sign (add). But when i check again , this person is again connected with the same MAC Address . Why
just joined Posts: 3Joined: Mon Dec 12, 2016 1:15 pmRe: How to block MAC AddressesTue Jan 17, 2017 2:25 pm
Dear Sir, did u get solve your problem?
Long time
Member Re: How to block MAC AddressesTue Jan 17, 2017 2:57 pm when you block a mac address in firewall filter (forward and input chain) you block internet access and not dhcp lease. /ip firewall filter if you want to block dhcp lease.... 1. set a dynamic lease to static lease "make static". both are working for me in my vmware test machine. i just test them. Last edited by freemannnn on Tue Jan 17, 2017 11:43 pm, edited 2 times in total.
just joined Posts: 3Joined: Mon Dec 12, 2016 1:15 pmRe: How to block MAC AddressesTue Jan 17, 2017 3:33 pm
Dear Sir,
Long time Member Re: How to block MAC AddressesTue Jan 17, 2017 10:44 pm you didnt succeed? sent me your skype or viber or facebook or email with pm Last edited by freemannnn on Mon Jul 09, 2018 5:50 pm, edited 1 time in total.
newbie Posts: 30Joined: Fri May 03, 2013 7:45 amRe: How to block MAC AddressesSat Apr 01, 2017 4:27 pm
Works so good thanks for this
just joined Posts: 23Joined: Wed Jun 20, 2018 9:49 amRe: How to block MAC AddressesSat Oct 13, 2018 1:12 pm Added rules: 1) chain = forward ip firewall filter print shows: Any ideas?
Forum Guru Re: How to block MAC AddressesSat Oct 13, 2018 3:07 pm Given how brief you post is and what is missing in it, I dare to suggest a supercharged introduction into how the firewall works. Don't write novels, post /export hide-sensitive file=x. Use find&replace in your favourite text editor to systematically replace all occurrences of each public IP address potentially identifying you by a distinctive pattern such as my.public.ip.1.
newbie Posts: 36Joined: Mon Aug 23, 2021 11:03 amLocation: SF CA or BGC PH Contact:Re: How to block MAC AddressesTue Sep 14, 2021 1:52 pm saludo mr freemannn!
tested this with mac address then ticked block address, works pretty good. the firewall immediately catched the user! making the user ip static, tick block access, add to blacklist, quickly catches the user ea time user starts to come back in, or by deleting user lease, it will catch the user. but to make it quick, restart the router which i dont recommend. ticking block access will also deny its wifi access within the same LAN/Network Now, is there also a way to create a whitelist for say for all admin devices such as; pc, tablet, smartphone, etc
etc. |
