Dynamically attach a firewall rule by matching a device name (or mac address) prefix

Hi all,

I need to match devices with a specific name prefix (or mac address prefix) and then attach a firewall rule to them.

E.g all Android devices have android- prefixed to their names (and all devices have specific OUI attached to them i the mac-address), I want to be able to go through the DHCP leases and match all devices with this prefix and then attach a firewall rule to the device or alternatively, add the devices to a list and attach the firewall rule to the list.

I’m of the impression that the Routers do not have the mac-address-list option.

If this is possible I would like some help with it because currently I am manually going through the process and it’s pretty painful to say the least.

I am using a CCR1036.

Any other info that is needed to help me with this, I would provide.

Thanks.

Everyone can freely change the hostname and mac address of wifi module on his android phone/tablet. This is not the secure way.

May be, you would search the list of dhcp-server-leases with a loop, and attach the rule to the bridge filter, or firewall filter, or directly block-acccess in the dhcp-server without firewalls.

check it out.

http://www.tech-nico.com/blog/script-mikrotik-para-bloquear-dispositivos-moviles-con-dhcp/

http://www.tech-nico.com/blog/script-mikrotik-para-bloquear-dispositivos-moviles-en-firewall/

http://www.tech-nico.com/blog/script-mikrotik-para-bloquear-dispositivos-moviles-en-bridge-muy-efectivo/