I have a MAC address I want to block from either getting an IP address from the DHCP server, or from transiting the network via internet.
I added this rule at the top of the Firewall rules:
add action=drop chain=forward comment="Unknown DWRT device" src-mac-address=\
00:00:71:AA:A0:74
Yet, after the DHCP lease expires, the freaking device reconnects!
What am I doing wrong?
Your rule denies forwarding (only).
Your request was to stop DHCP lease, and transiting the network to Internet. The last of the 2 requirements is in your firewall rule.
You did not specify how the device connects , so there may be possibiliies at the incoming interface.
I think you should add at least a specific DHCP lease for that MAC with “block access” in the DHCP server.
Personally I would stop the device at the connection, for wireless you have the “access list” TAB where you can remove the “authentication” and “forwarding” for that MAC.
Kewl did not know there was a block address option but then again I have not had the need.
https://www.google.com/search?q=block+dhcp+lease+mikrotik&rlz=1C1GCEA_enCA874CA875&oq=block+dhcp+lease+mikrotik&aqs=chrome..69i57.6852j0j8&sourceid=chrome&ie=UTF-8#kpvalbx=_mtdOXrKROcWuytMP2tSyKA24
Also like the wifi as the first line of defense!