Will MOX support mac filtering on the LAN?
Pretty sure it was a d-link router I had that on and found it very useful on the home network. Even if limited to a small number of entries.
Hi,
This is not question on MOX but on Turris OS (or Openwrt as such - or used firewall) and it is possible.
Wasn’t sure if it also required firmware support or not. This is great news. I’m happy 
. I think someone mentioned that luci only supported mac filtering on the WiFi side on the Omnia. So I thought I’d ask about MOX which I figured might have different lan network chip and will have Turris OS 4.0
thanks
correct. a “mac filtering” button/gui-option is only available for wifi.
but the device, as any other linux router, can be made to do what you want.
How do you filter MAC on the LAN chipset like it is done with WLAN chipsets? AFAIK it would only work with a netfilter rule and thus at firewall level and neither frontend (Foris/LuCI) is catering for it.
Yeah, well, “supporting” a feature can have different levels, from some ugly hacks over ssh, up to a checkbox in Foris.
Would this be mac filtering using the ip tables? Would there be a performance hit filtering in the kernel instead of on the chip? (I’m assuming the mac filtering on the WiFi side is supported on the chip?)
iptables is just a userland app for the kernel’s
Yes, it is a feature-set hard-coded in the chip. Or a feature-set running in the OS of the chip if it is a SoC.
Commonly a hard-coded feature-set designed for a particular chip has a better performance than a userland-app that has to communicate with the kernel it is running on and the kernel then either communicating to the chip directly or the kernel communicating with its CPU (and the CPU eventually with the chip via the motherboard).
“userland-app” == user space?
2 packet copies?
No, it’s a front-end that configures the in-kernel stuff.