July 2020 Archives
Thu Jul 16 11:44:23 +07 2020
Add MAC address to the filter for SMC smart classroom
Smart classroom are set to use the specific SSID SMC.In order to prevent anyone using that SSID, a filtering has been setup on the MAC addresses of the devices that are allowed to connect to that wireless network.
The operating system DD-WRT used on the WiFi access points in CSIM does not allow MAC filtering per SSID, only per interface, so the filtering has to be done at the wouter level.
Connect to CSIM router.
- List the existing MAC filtering rules withe the command:
show firewall name SMCOutFilter
The result should look like:IPv4 Firewall "SMCOutFilter": Active on (eth3.13,IN) rule action proto packets bytes ---- ------ ----- ------- ----- 1 accept all 119375 14027513 condition - MAC xx:xx:xx:xx:xx:xx 2 accept all 2817 597981 condition - MAC yy:yy:yy:yy:yy:yy 10000 drop all 1902 121212 vyatta@vyatta:~$
- Enter Vyatta configuration mode, use the command:
configure
- Choose the next available rule, in the above example rule 3 and
add a new rule:
set firewall name SMCOutFilter rule 3 action accept set firewall name SMCOutFilter rule 3 source mac-address xx:xx:xx:xx:xx:xx set firewall name SMCOutFilter rule 3 description "name of the devicce"
Where xx:xx:xx:xx:xx:xx is the MAC address of the device and name of the devicce is a short description of the device, it;s owner, etc.
- Verify the new rule:
show firewall name SMCOutFilter
You expect to see the following in the listing:+rule 3 { + action accept + description "name of the devicce" + source { + mac-address xx:xx:xx:xx:xx:xx + }
The symbol + at the begining of the line means the rule has been added but is not yet committed.
- Commit the new rule:
commit
And save the configuration:save
- Tules are deleted with the command:
delete firewall name SMCOutFilter rule n
Where n is the number of the rule to be deleted.
This had to be committed and saved too.