I have been trying to allow only certain ip pool for hotspot authentication and drop all other for single ethernet port.
configuration is as follows:
/ip firewall address-list
add address=172.16.118.64/26 comment="Ether 5 Allowed Client IP's" list="ether5 allowed ip"
/ip firewall filter (this rule is in position 0)
add action=drop chain=input in-interface=ether5 log=yes log-prefix="Dropped " src-address-list="!ether5 allowed ip"
still i can see other IP address being authenticated from ether5 for hotspot. i had tried changing the chain to forward, hs-input but still does not work.