# MAC Filtering (help please)..



## dokgu

Hello guys..

This isn't actually a big problem. I just need to know how to properly block MAC addresses except my computer in my router.

*Relevant Information:*
Router Model - ProLink ADSL Router Hurricane 5200

What I currently did was go to the 192.168.1.1 or 192.168.0.1 and went straight to the MAC filtering tab. I have set the default action for the *Incoming* and *Outgoing* into *Deny* so that all MAC addresses will be blocked and denied access to the Internet.

In the current filter table however, I added my laptop's MAC address. I created two entries, one for *Incoming* and one for *Outgoing* and have set the action to *Allow*.

My problem lies with the *Source MAC Address* and the *Destination MAC Address*. For both the Incoming and the Outgoing, I only set the Source MAC Address to MY MAC address and didn't provide any MAC address in the destination MAC Address.

I can't test this configuration fully as I only have 1 unit. With this configuration, I can still connect to the Internet with my laptop as I want to, however I want to know if ever any other computer connects to my router, will it be denied access to the Internet?

Please confirm the correctness of my configuration. If it is wrong in any way, kindly provide a better solution.

Hope to hear from you guys soon..


----------



## af3

Even if you properly configure MAC address filtering, intelligent 'bad guys' can change their MAC address to one that is allowed and gain access to your internet connection...


----------



## johnwill

Stop wasting your time with MAC filtering.

*A good read: **The Six Dumbest Ways to Secure A Wireless LAN*


----------



## dokgu

don't worry guys, i do not own a wireless router..
plus the guys i want out of my internet access does not know how to change their MAC address..

so i really don't need a complex security.. MAC filtering is enough, don't worry..


----------



## af3

I see, you want them to have access to the network resources but not the internet!

Be sure to password protect the configuration/administrative access interface as well.

Keep in mind that if they have physical access to this router/modem/gateway, they could possibly reset it to the default settings by way of the "Reset" button which is usually located in the rear of the device.



> My problem lies with the Source MAC Address and the Destination MAC Address. For both the Incoming and the Outgoing, I only set the Source MAC Address to MY MAC address and didn't provide any MAC address in the destination MAC Address.


Does the page say something along the lines "use * for any" or "leave blank for any"? I'm unclear as to what their definition of "destination MAC address" is... Perhaps you should use the MAC address of the WAN interface of the device? One would think that would be filled in automatically... My best guess is leaving it blank implies any. :4-dontkno



> I can't test this configuration fully as I only have 1 unit. With this configuration, I can still connect to the Internet with my laptop as I want to, however I want to know if ever any other computer connects to my router, will it be denied access to the Internet?


You could use MAC address spoofing to test the router's configuration but I don't know if I'm allowed to explain that here... :4-dontkno


----------



## dokgu

don't worry about them resetting my router, they won't do that.. lol



> Does the page say something along the lines "use * for any" or "leave blank for any"? I'm unclear as to what their definition of "destination MAC address" is... Perhaps you should use the MAC address of the WAN interface of the device? One would think that would be filled in automatically... My best guess is leaving it blank implies any.


same, i really don't know what they meant by this.. no clear instructions were provided with the router manual..

the interface that is shown could be found here.

***********
***********

the people i want to keep out of the internet access are not tech guys so they won't know what to do most of the times, they don't even know what a MAC address is, heck they don't even know how to get to the router configuration interface.. the only reason i want them restricted from accessing the internet is because when i am downloading large files and leave my laptop to download, they actually disconnect my laptop and use the internet for themselves.. i just got irritated as this happened a few times already.. i don't charge them for using the internet, however i want them to just leave my connection so i don't have to wait longer for my files to download as sometimes i really need them fast.. i don't want them thinking that just because i am not at home, they could just disconnect me from the internet..

anyway, what i plan is when i'm not downloading anything i'm going to remove the restriction as i am not that selfish.. )
however i just want to have a bit of control when i do need the internet connection for important matters..

again, please don't worry about them using my laptop when i leave it downloading as they don't do this.. plus, i make some measures to ensure that they won't use my laptop.. if they happen to get the urge to just use my laptop, at least my files would still continue downloading.. if they hit the pause button then i guess technical stuff won't do, i'll just have to talk to them straight.. )


----------



## af3

That interface appears quite cryptic. Nothing is defined!


----------

