Hello! I’m trying to find a way of implementing whitelisting or blacklisting of Mac addresses that connect directly to the switch through ethernet, via cable to the router rj45 ports. Is this possible? So far I have only seen ways of doing this on the Wi-Fi connections.
Almost. I see the solution allows us to only provide DHCP to certain MAC addresses. I would like to completely block a MAC address from entering the Lan, even if the host has a static IP address and, therefore, does not need DHCP.
not sure it's doable, since the LAN traffic doesn't pass any firewall ...
It should be possible with ebtables/nftables.
Wired IEEE8021X would be the real solution, which is possible with OpenWrt, but requires a rather manual setup.
Thanks, I will check both options
A properly managed switch can do allow or block lists based on MAC addresses. Not an openwrt solution, but a viable way to implement this if it is critical.