• Registered: 2007-07-25
  • Posts: 17

Topic: Wireless MAC Filtering (Kamikaze 7.06)

>>>  WIRELESS MAC FILTERING GUIDE
    1- ipkg install wl        (install broadcom wireless driver if not already installed. Not sure if this package is really needed. I think 'WLC' is already installed in base system)
    2- vim /etc/init.d/wlmacfilter
        |-->
            #!/bin/sh /etc/rc.common
            # The macfilter 2 means that the filter works in "Allow" mode.
            # Other options are: 0 - disabled, or 1 - Deny.
            # wlc ifname wl0 maclist "xx:xx:xx:xx:xx:xx xx:xx:xx:xx:xx:xx"
            START=47
            start() {
                wlc ifname wl0 maclist "xx:xx:xx:xx:xx:xx"
                wlc ifname wl0 macfilter 2
                }
           
            stop() {
                wlc ifname wl0 maclist none
                wlc ifname wl0 macfilter 0
                }
    3- chmod 755 /etc/init.d/wlmacfilter
    4- /etc/init.d/wlmacfilter enable        (this will create symbolic link in /etc/rc.d/S47wlmacfilter to start at BOOT)

  • From: Belgium
  • Registered: 2007-08-03
  • Posts: 667

Re: Wireless MAC Filtering (Kamikaze 7.06)

Is there any clarity on the wl package being needed or not?

I haven't installed it, and I am running the WLAN MAC filter as described above. Since the script does not contain any references to wl, I'd think it's redundant... But you never know.

LEDE 17.01 RC2+ on D-Link DIR-860L B1 :: Netgear WNDR3700 v1 (2x) & v2 (1x) :: PC Engines APU2 :: Ubiquiti Unifi AC Pro (2x) :: TP-Link TL-WR1043ND v1 (1x) & v2 (4x) :: TL-WR841N (2x) :: LEDE trunk on Asus WL-500W (wl) :: OpenWrt Attitude Adjustment 12.09.1 on Asus WL-500G Deluxe

Borromini's Website

  • Registered: 2007-07-23
  • Posts: 44

Re: Wireless MAC Filtering (Kamikaze 7.06)

I was under the impression that MAC whitelisting was largely a waste of time, due to the ease of MAC address spoofing ... neutral

Linksys WRT54GL v1.1 - OpenWrt 7.09
  • From: Belgium
  • Registered: 2007-08-03
  • Posts: 667

Re: Wireless MAC Filtering (Kamikaze 7.06)

True, but it keeps the noobs out smile. It's not like my 63 bit random AES key is gonna get cracked anytime soon ^_^

LEDE 17.01 RC2+ on D-Link DIR-860L B1 :: Netgear WNDR3700 v1 (2x) & v2 (1x) :: PC Engines APU2 :: Ubiquiti Unifi AC Pro (2x) :: TP-Link TL-WR1043ND v1 (1x) & v2 (4x) :: TL-WR841N (2x) :: LEDE trunk on Asus WL-500W (wl) :: OpenWrt Attitude Adjustment 12.09.1 on Asus WL-500G Deluxe

Borromini's Website

  • Registered: 2006-11-14
  • Posts: 707

Re: Wireless MAC Filtering (Kamikaze 7.06)

Why not using ebtables or iptables for MAC filtering?

1x ASUS WL-700g Encore (Kamikaze 7.09, BCM947xx//953xx [2.4])
1x ASUS WL-500g Premium with Wistron CM9 WiFi card (Kamikaze 7.09, BCM947xx//953xx [2.4])
1x Linksys WRT54GL v1.1 with 512MB MMC card mod, optimized MMC driver (Kamikaze trunk r9548, BCM947xx//953xx [2.4])
NO support via PM.
  • Registered: 2006-05-05
  • Posts: 7

Re: Wireless MAC Filtering (Kamikaze 7.06)

forum2006 wrote:

Why not using ebtables or iptables for MAC filtering?

Because filtering using the driver is done in hardware, from what I understand. Filterting with [eb|ip]tables uses CPU.

  • Registered: 2007-09-10
  • Posts: 10

Re: Wireless MAC Filtering (Kamikaze 7.06)

I accidentally ran the firstboot command and i had to reconfigure my router. So I tried the  wlmacfilter without installing  the "wl: package and it worked. So the wl package is not needed, at least on my configurations (before, Linksys WRT54-GL, now Asus WL500G-Premium).