Firewall Block MAC Address Not working

Opcode · July 6, 2019, 1:36am

Hello guys. How are you ?

Well I did some research in forum and didn't find anything like my problem.

I have a TPLINK WR840N and I've installed OpeWRT recommended.

I have been using this router as a AP. I am using it connected to my router/internet through WIFI and opewrt seems to automatically bridge it with my lan interface. I have been able to block communication with my "original" subnet (from my router/internet), but I just can't block the computer (MAC ADDRESS) to access the LUCI or SSH. I already configured on Firewall rules:

Screenshot%20from%202019-07-05%2022-34-11

When I am connected in this MAC address I can access http:192.168.1.1... I don't know whatelse I could do to block it. Can anyone help me ?

Thanks in advance.

luochongjun · July 6, 2019, 7:39am

If you don't want your computer to access SSH and LUCI, you also need to add rules to the INPUT chain

eduperez · July 6, 2019, 8:09am

Communications between bridged interfaces do not pass through the firewall. You need to use "ebtables" for that, or configure the firewall on the main router.

vgaetera · July 6, 2019, 4:46pm

There's a kernel module kmod-br-netfilter which solves the issue unless related hosts belong to the same wired VLAN, however accessing the router indeed requires changing the rule destination zone to local as @luochongjun stated.

system · September 12, 2020, 3:00am

This topic was automatically closed 10 days after the last reply. New replies are no longer allowed.