Menu
What's new
By:
Filters Better Search

Blocking internet access for devices with randomized mac address

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

Q

qvrb

New Around Here
I'd like to block my kids from using the internet at certain times, but most of their devices have the ability to generate randomized mac addresses so the traditional methods of specifying mac address with scheduled times don't seem to work.

I've a ASUS RT AC 86U running Merlin 386.7_2

What i tried to do is to block all devices, and then schedule time for certain mac addresses in parental controls but it doesn't seem to work, everything is still blocked any ideas?
 
www.snbforums.com

How to enforce time-based restrictions on kids devices

Hi, I am new to ASUS devices and Merlin firmware (just upgraded to Merlin yesterday) and I am trying to transition the router functionality from another router to Asus/Merlin device (RT-AC86U). With the old router (Gargoyle), I would block kids' devices based on time restrictions. I noticed...
www.snbforums.com www.snbforums.com
 
I guess you could enable wifi mac filtering. This would only allow wifi devices you give access to by mac address to connect to the wifi. This MAY prevent them using random mac assignments, but I am sure given time, even this could be bypassed.
 
As has been said many times before, be a parent! You have the right to take the devices. Give the kids books instead.
 
Or set up an AP with an ssid just for them, in a secure spot, and use a timer to control it.
 
Why does this have to be a parental thing? I would like to know what devices are what and not have non-persistent mac randomization blow up my DHCP lease table.

It would be nice if YazFi had an option to post a captive portal for users using mac randomization (which is easy enough to identify).
 
KronFace said:
Wifi schedule on a dedicated kids only wifi network.
If it were me, I'd name it "Happy Accidents"
Click to expand...
Maybe I lost the spirit of the OP's actual question, but the title of the post is, "Blocking internet access for devices with randomized mac address"
 
The only way to go is with mac address filtering on. I do the same to control any random device the kids or their friends try to connect to our network. I know it's a pain, but really the only avenue.

I *wish* there was a feature that would more automatically add devices to the whitelist and prompt you like so:

WARNING! A new device <name> just tried to join your network with mac address <mac>. Would you like to allow them to join? Y/N
 
Viktor Jaep said:
The only way to go is with mac address filtering on. I do the same to control any random device the kids or their friends try to connect to our network. I know it's a pain, but really the only avenue.

I *wish* there was a feature that would more automatically add devices to the whitelist and prompt you like so:

WARNING! A new device <name> just tried to join your network with mac address <mac>. Would you like to allow them to join? Y/N
Click to expand...
This is ultimately possible. You would throw up a captive portal page after connect saying something like, "Please wait while the admin approves your connection..." and then once you approved it, it would whitelist it in both the captive portal page and iptables/etc.
 
Nick B said:
This is ultimately possible. You would throw up a captive portal page after connect saying something like, "Please wait while the admin approves your connection..." and then once you approved it, it would whitelist it in both the captive portal page and iptables/etc.
Click to expand...
Get to it! LOL :p

EDIT: Never knew this, but it actually looks like some of this functionality already exists only for these routers: 4G-AC68U, 4G-AC86U, 4G-AX56, BRT-AC828


@RMerlin -- is there any possibility of perhaps porting some of this "captive portal" functionality over to the main branch(es)? It sounds like it would be a really "nice-to-have" feature? I know you said back in 2012 that you don't see the need to add something like this, but even if there's a way to expose enough functionality to build this kind of custom solution ourselves, that might even work?
 
Last edited:
Search turns up some past discussion on the captive portal subject mostly a mixed bag:
www.snbforums.com

Captive portal for guest network on RT-AC66U B1

Hey! I'm running Asuswrt Merlin on my new RT-AC66U B1 and really happy with it. I'm amazed of all the things I can do with it. I'm a little noob in the field of building small networks and specially with this router and Merlin. I have a guess network at home and I would like to know if I...
www.snbforums.com www.snbforums.com
www.snbforums.com

Anybody able to get NoDogSplash working?

I'm trying to build NoDogSplash on AsusWrt Merlin 384.14. Compile is fine, configuration also ok. But when I start nodogsplash, it complaining that iptables version is too low. It requires 1.4.17, and AsusWrt Merlin using iptables 1.4.15. Manually lower requirement to v1.4.15 cause error like...
www.snbforums.com www.snbforums.com
github.com

Compile packages from sources

Ultimate repo for embedded devices. Contribute to Entware/Entware development by creating an account on GitHub.
github.com github.com
github.com

GitHub - nodogsplash/nodogsplash: Nodogsplash offers a simple way to provide restricted access to an Internet connection using a captive portal. Pull requests are welcome!

Nodogsplash offers a simple way to provide restricted access to an Internet connection using a captive portal. Pull requests are welcome! - nodogsplash/nodogsplash
github.com github.com
 
bennor said:
Search turns up some past discussion on the captive portal subject mostly a mixed bag:
www.snbforums.com

Captive portal for guest network on RT-AC66U B1

Hey! I'm running Asuswrt Merlin on my new RT-AC66U B1 and really happy with it. I'm amazed of all the things I can do with it. I'm a little noob in the field of building small networks and specially with this router and Merlin. I have a guess network at home and I would like to know if I...
www.snbforums.com www.snbforums.com
www.snbforums.com

Anybody able to get NoDogSplash working?

I'm trying to build NoDogSplash on AsusWrt Merlin 384.14. Compile is fine, configuration also ok. But when I start nodogsplash, it complaining that iptables version is too low. It requires 1.4.17, and AsusWrt Merlin using iptables 1.4.15. Manually lower requirement to v1.4.15 cause error like...
www.snbforums.com www.snbforums.com
github.com

Compile packages from sources

Ultimate repo for embedded devices. Contribute to Entware/Entware development by creating an account on GitHub.
github.com github.com
github.com

GitHub - nodogsplash/nodogsplash: Nodogsplash offers a simple way to provide restricted access to an Internet connection using a captive portal. Pull requests are welcome!

Nodogsplash offers a simple way to provide restricted access to an Internet connection using a captive portal. Pull requests are welcome! - nodogsplash/nodogsplash
github.com github.com
Click to expand...
Thanks... Yeah, a mixed bag of old threads going nowhere, and a GitHub project of unknown proportions that may require a lot of borking around outside of Merlin to get it to work. :(
 
Viktor Jaep said:
Thanks... Yeah, a mixed bag of old threads going nowhere, and a GitHub project of unknown proportions that may require a lot of borking around outside of Merlin to get it to work. :(
Click to expand...
Tell us what you really think, @Viktor Jaep. 🤣
 
Viktor Jaep said:
I think I communicated it in much nicer words than what I was going to say. Lol!
Click to expand...
:) Sounds like a fun project, any updates on your progress?
 
You must log in or register to reply here.

Similar threads

R
Looking for mid to high end router with specific access control/parental control features
Replies
7
Views
693
Wistuplu
W
Z
latest firmware for RT AX-86U - bug
Replies
13
Views
1K
zero7404
Z
J
YazFi Blocking internet access for certain devices on YazFi guest network
Replies
15
Views
2K
Narios
N
D
How To Block/Unblock Internet Access For A Single Device/IP via Command Line on AsusWRT?
Replies
6
Views
787
dwp
D
R
Script to detect backup wan and disable certain devices from internet access
Replies
0
Views
340
RandomUser777
R
Similar threads
Thread starter Title Forum Replies Date
Philip Bondi Diversion Diversion 5.0 ad blocking sample; very happy with user experience Asuswrt-Merlin AddOns 7
T Diversion Blocking percentage Asuswrt-Merlin AddOns 3
V unbound blocking apple private relay. Asuswrt-Merlin AddOns 1
M AdGuardHome IPTables blocking TLS port 853 from other hosts Asuswrt-Merlin AddOns 3
^Tripper^ Diversion UDP and arpa blocking - Just trying to understand Asuswrt-Merlin AddOns 1
D Solved Diversion 5.0 no type 65 blocking? Asuswrt-Merlin AddOns 2
L Diversion Diversion not blocking so many ads - help! Asuswrt-Merlin AddOns 26
K IP address blocking Asuswrt-Merlin AddOns 3
S Skynet Skynet IOT blocking / view blocked devices (should i be worried)? Asuswrt-Merlin AddOns 6
Z Diversion Diversion Blocking WiFi Asuswrt-Merlin AddOns 9

Similar threads

Latest threads

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!

Members online

Total: 990 (members: 14, guests: 976)
Top