I’d like to setup MAC address filtering on my Microtik router. I didn’t see an “easy” way of doing this from any of the documentation provided by microtik, unless I overlooked something.
What I was planning on doing was to create a new chain called MAC_Filter and have all traffic leaving the router (output chain) jump to the MAC_Filter chain and create individual rules for each client’s MAC and have that traffic “passthrough” and then returned to the original chain for further filtering. Is that how MAC Authentication is done ? or is there a more simple way of doing it similar to the wireless MAC tables within the interface submenu?
or would it be better to mangle and mark the traffic and create a rule to accept the marked traffic? I think that might be a little less rule intensive…
btw, is it possible to use MAC-address wildcards in the rules? i tried “*” but these are not accepted. or does it use some boolean test e.g. 0 matching all?
Not sure? I just created a mangle rule and added the source-mac for each indvidual user and marked the connection as auth-mac, and all other connections are marked no-auth. That’s how I got around it. no-auth is dst-nat’d to a remote page for login/purchase of service.
Damn I love this software, if I were to do it this using other products I’d have about 4 different devices in the demarc.
