Hello everyone, another day another question. On my network have a few devices with static leases which I got some help to achieve and worked fine... However one of the devices has been replaced and now also uses ipv6 but doesn't seem to give a UDID as it doesn't show in the DHCP list, only 3 devices show, all of which I know what they are... However if I go onto the "routes" tab there's loads of ipv6 devices listed in the "neighbours tab".
When it comes to ipv6 how do you allocate a fixed address to it, and use the firewall to block port access?
Ive asked already, whoops sorry, must be loosing my mind!! Sorry, it's my brain struggling with all the openwrt info getting crammed into it the last few weeks.
The devices have been connected now a week but still no duid has appeared... Things like the PS4 and the dishwasher of all things use IPV6 and give the UDID instantly... Android doesn't seem to ever provide one and I can't find how to get one from anywhere in the system.
For source ip filtering it requires the IPv6 which in turn you would want to be the client's static IPv6 but that does not work without the DUID, so catch22 ...
Afaik an IPv6 packet does not carry its source MAC or DUID but instead the EUI-64 identifier. You could perhaps run a packet capture and see whether the EUI-64 identifier for particular clients can be extracted.
Not sure if the EUI-64 identifier can be filtered in a firewall however.
Apparently netfilter provides EUI-64 filtering  and thus could be deployed in a firewall, least with ip6tables but probably also with nftables
It requires kernel conf
CONFIG_IP6_NF_MATCH_EUI64 = y | m
But then again Android may have not implemented EUI64
Plus there are privacy/security concerns about EUI64 that are partially being addressed by IPv6 privacy extensions and thus the EUI64 value may not be sustained over time, in which case rendering it potentially useless for packet filtering.