I was wondering if it’s possible to automatically deny new devices connecting to your network.
What I mean by this is, when someone first connects, they have no Ethernet access, until I verify their connection (basically blocking all mac addresses, and only when I verify the device, name it & give it a static IP, it’s allowed to access the Ethernet).
This is mainly to avoid clients from mac spoofing & bypassing filters, or hiding their device names in system log.
Hope someone can point me to the right direction, would be awesome to set this up!
Does this feature meet your needs?
Preset policies in the “Clients” page to block WAN or limit speed by default for all devices using randomized MAC addresses.
We are considering adding it in version 4.1.
Please add it. I also recommend this. I really want this feature.
Can it be for any new client?
For now I think It only for MAC Randomization. Users shouldn’t expect this restriction to prevent malicious intrusions.
But we are also adding parental controls to our develop schedule that can manage all devices.
Yes, that would be absolutely perfect!
I think this possible by appending rules in LuCI → Network → Firewall → Firewall - Traffic Rules:
Accept your Source MAC address list from Source zone LAN to Destination Zone this device
Drop or Reject all other traffic from Source zone LAN to Destination Zone this device
The Randomized MAC address Device Preset would be a useful feature for some people, but may not prevent new clients connecting with non-randomized MAC addresses, if the feature only checks for a specific 2nd digit of 2, 6, A, or E in the MAC address.
I do not work for and I do not have formal association with GL.iNet
Agreed. It should be made for all new clients connecting to the router, this would cover randomized Mac and new clients . Much cleaner.
Due to scheduling (our new product will be pre-installed with version 4.1), the relevant features will be unified in the parental control module of version 4.2.
In Parental Control, users can block all new incoming devices to access the Internet.