Random MAC now sets any MAC valid. Most are not registered OUI.
I want to be able to select for example - D-Link and TP-Link OUI.
Why ? - Someone observing can interpret it as suspicious and it's illegal to spoof MAC in most countries
Illegal? Where?
MAC addresses are only valid in the layer 2 domain they're physically attached to, and as long as they're unique in that domain, there's no problem with how they're set.
As to choosing - you can look up any OUI prefix in the public registries and then set what you like using uci, Luci or by editing /etc/config/network.
1 Like
Citation needed. Android and iOS devices randomize their MAC addresses by default, and they do not use the OUI of the device's WiFi hardware when doing so. All such MAC addresses are locally administered, so they do not have valid OUIs at all. Nobody cares about the OUI of some MAC address unless they're a network admin trying to figure out what device has a particular IP on their network.
And even for devices that don't do MAC randomization, their apparent MAC address on the network can change simply by changing the NIC, changing between WiFi and Ethernet, or replacing the entire device. And these cases are indistinguishable from MAC spoofing, so in no way can a changing MAC address ever be suspicious.
1 Like
- Have you developed this random MAC script already (I see a thread where you discussed this)?
- Feel free to edit your script to do that
restrict your MACs to a table based off https://maclookup.app/search/vendors ?
if you want to randomize it further, use the macvendor.db from Pi-hole, and create a script that looks up some random vendor.
either dump it into a text format file, or use sqlite3 to perform queries.
[frollic@atlantis pihole]$ sqlite3 macvendor.db
sqlite> select * from macvendor limit 20;
00:00:00|Xerox Corporation
00:00:01|Xerox Corporation
00:00:02|Xerox Corporation
00:00:03|Xerox Corporation
00:00:04|Xerox Corporation
00:00:05|Xerox Corporation
00:00:06|Xerox Corporation
00:00:07|Xerox Corporation
00:00:08|Xerox Corporation
00:00:09|Xerox Corporation
00:00:0A|Omron Tateisi Electronics Co.
00:00:0B|Matrix Corporation
00:00:0C|Cisco Systems, Inc
00:00:0D|Fibronics Ltd.
00:00:0E|Fujitsu Limited
00:00:0F|Next, Inc.
00:00:10|Sytek Inc.
00:00:11|Normerel Systemes
00:00:12|Information Technology Limited
00:00:13|Camex
sqlite>
1 Like
open wrt does not support wild card's for restricting mac address or blocking OUI vendors.
It is a feature in Dnsmasq but not implemented in OpenWrt so I was informed.
I asked for a feature upstream request on the thekelleys.org.uk and it was implemented some time ago.
I believe I put in a feature request in github to implement this.
Until it is implemented as a future feature, you may be able to work around by setting the first three octets ( OUI ) as a D-Link, etc then using this in startup to generate random for the last three octets.
This was in my reply to your other MAC related post: