Is it possible to block some MAC addresses on the LAN from accessing the internet?
I can do it from the command line with iptables but for ease of use would prefer a GUI interface either in Foris or in LuCI. I can’t find it anywhere in the dialogs.
Thanks!
Firewall - Traffic rules - Add
That’s still quite low-level. Is there a more user friendly interface where I could only enter the unwanted (=kids’) MACs?
This will do the same if you don’t want to do it manually
I built this for the Omnia a while back. IDK if it’s the current version, but I don’t think there are any real dependencies on the Turris stack.
The version I have shows 0.4.1.
0.4.1 should be the latest. There is 0.4.2 but for 05/2017 later versions.
There are packages already compiled and repo link.
From what I understood there are no dependencies. It’s just luci plugin.
TBH I never used this - there’s no why. I just offered click’n’go method to @mludvig.
I tried this but it does not work. I added rules in the UI but it does not block access and iptables -L shows there are no rules.
Just keep in mind that we are on nftables now. So it might work if you install iptables-nft
iptables seems to be the symlink to nftables. I am not sure why it shows no rules. When I open the rules in the gui, I found the rules added by this plugin, and apparently they weren’t working because the protocol field was not set. So I just fixed that and have gone to just manually maintaining the rules there.
Ahh, looked up the man page for nft online since it isn’t installed in the turris and ran ntf list ruleset inet and found them.