Observed security performance:
MAIN Unit:
MAC Filtering: as expected;
Traffic Rules: as expected.
EXTENDER Unit:
MAC Filtering: None;
Traffic Rules: None.
Required Security Performance:
MAIN Unit:
Contains Security Configuration and periodically updates EXTENDER Unit(s) to confirm Security Configuration is current in EXTENDER Unit(s).
EXTENDER Unit(s):
Reflect Security Configuration as contained in MAIN Unit periodically requests of MAIN Unit to confirm Security Configuration.
Please advise as how to effect the above Required Security Performance.
There will likely be need for clarification, do not hesitate to request such.
You are probably looking into something like OpenWISP
Extender unit is kind of transparent to the network and does not filter the traffic, so you just need to transfer MAC whitelist which can be done by hand like uploading uci dump and applying on extender. Should work to like 10 devices and 2 configurations.
Please have the relayd documentation emphasize the GROSS security compromise inherent within. Had such been readily apparent, this option would NOT have been pursued.
relayd incorrectly connects ( CLEARLY NOT DESIGNED respecting the OSI model ) an EXTENDER to MAIN unit, bypassing the Security enforced by the MAIN unit.