Joined: 05 Sep 2008 Posts: 1 Location: Plouzane, Bretagne, France
Posted: Wed Oct 29, 2008 18:54 Post subject: Here is my iptables lan->wan MAC filter
Hello everyone.
I am quite surprised that dd-wrt v24 doesn't have anything to prevent users from using the internet by mac, ie a simple lan->wan mac filter.
Here is how I did it, using simple iptables rules.
Posted: Tue Dec 09, 2008 5:03 Post subject: Mac Filter
Are there any additional iptables that are needed for this to work? I am trying to accomplish the exact same thing as you, but when I entered:
iptables -I FORWARD -o vlan2 -j DROP
my "unauthorized" laptop was still able to get on the internet. I have the default firewall rules with NAT turned on. Am I missing something or is that command supposed to stop all unauthorized traffic immediately?
Posted: Tue Dec 09, 2008 6:07 Post subject: Figured it out
I am retarded... Please forgive my previous questions, turns out my wan port is on vlan1 not vlan2. It works beautifully, you are a genius my good man.
Click on the admin tab and then click commands, and then save it as "Firewall" Please make sure you know what your outgoing interface is.
PS - This script breaks Hotmail.com, turbotax.com itunes.com and others for some reason. I am looking into it. What I have found so far is that these servers have a server side redirection that gets munged up and never makes it to the client.