Answer the question
In order to leave comments, you need to log in
How to supplement the script for detecting unregistered users. How to enter exceptions?
:foreach i in=[/ip arp find] do={
:local fip [/ip arp get $i address];
:local fmac [/ip arp get $i mac-address];
:local ipfound [/ip firewall address-list find address=$fip];
:if ($ipfound != "") do={
:log info ($fip. " already filtered")
} else={
/ip firewall filter add chain=forward src-mac-address=$fmac action=drop comment= ("Unregistered device - $fip")
:log info ("Added " . $fmac. " to firewall filter")
}
}
everything works here, just needs to be corrected so that there are exceptions.
for example for these MAC addresses ---> 00:18:C0:61:F0:20, C8:3A:35:0D:0B:00
Answer the question
In order to leave comments, you need to log in
I suppose, create an address-list with ip-addresses associated with these poppies, and specify src-address-list!=YourListName in the firewall rule. Or, hard-coded in the firewall, create allow rules with your src-mac-address=00:18:C0:61:F0:20 and place them above the deny ones. Then even if there is a prohibition, it will not work. Either create an array with your exceptions, compare new poppies with all array keys, if they don't match, create a rule. If it matches, next.
Didn't find what you were looking for?
Ask your questionAsk a Question
731 491 924 answers to any question