MAC Detector

From Wiki of WFilter NG Firewall
Revision as of 16:30, 1 April 2026 by WFilter (Talk | contribs)

(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to: navigation, search

Contents

1 MAC Detector

"MAC Detector" can gather client's physical MAC addresses via SNMP protocol. With "MAC Detector" enabled, you can:

  • Set access policy by MAC addresses.
  • Set IP-MAC binding in a multiple-segments network.
  • Show real MAC addresses in "Real-time Bandwidth".
  • Show real MAC addresses in "Internet Usage".

2 Settings

3 SNMP Commands

"MAC Detector" use snmpwalk commands to send SNMP query to manageable devices. Usually, the snmpwalk commands are sent to routing devices, for example: core three-layer switch, or manageable wireless AP.

  • "SNMP Commands": snmpwalk commands be sent to the manageable devices. Multiple commands are supported.
  • "Result Format": a regular expression which matches ONE record row.

3.1 Example

Suppose the core three layer switch has ip address "192.168.1.2", the "SNMP Command" is:

snmpwalk -v 2c -c public 192.168.1.2 ipNetToPhysicalPhysAddress

"ipNetToPhysicalPhysAddress" can retrieve both IPv4 and IPv6 addresses, you also can use "ipNetToMediaPhysAddress" for IPv4 only. The real return message is:

IP-MIB::ipNetToPhysicalPhysAddress.9.192.168.1.1 = STRING: 0:6:f6:bf:8b:cc

IP-MIB::ipNetToPhysicalPhysAddress.9.192.168.1.11 = STRING: ae:15:53:a0:9b:7f ...


To match every return rows, we configure the "result format" as:

IP-MIB::ipNetToPhysicalPhysAddress\.\d+.*


The "MAC Detector" will use the "result format" to get every record and retrieve the mac and ip information.

Maccd00.jpg

3.2 Test

You may click "test" to test the SNMP commands in the list.

Maccd01.jpg

4 FAQ

Retrieved from "http://wiki.wfilterngf.com/index.php?title=Maccd&oldid=1212"
Personal tools
Namespaces

Variants
Actions
Navigation
Tools