Feature #16395
closed
Block device by name (with random MAC address)
Added by Evgeny Korostelev 14 days ago.
Updated 4 days ago.
Description
I would like to ask you to make a function for blocking a device with a random MAC address by name (the name always remains constant).
Moreover, the device is not pinged by ICMP packets; it is determined only by arping.
- Status changed from New to Incomplete
Hello,
Are you referring to blocking by device hostname?
Please provide additional details on what "name" you're referring to.
Marking as Incomplete until additional details are provided.
Yes, I suggest blocking by hostname.
The thing is that the user mistakenly connects his Android phone to the work network instead of the guest one, and when connecting to the network, a random MAC address is used. I can't block it by MAC address, but it always connects with the same name.
Therefore, I suggest making periodic detection of the device on the network using arping and if it appears, then block the MAC address.
For example, give the device an incorrect gateway by DHCP.
- Status changed from Incomplete to New
If pfSense doesn't handle DHCP and DNS for a network, it may be hard to determine a hostname/FQDN for the endpoint, so this might not be possible, but moving back to New status.
For now, this sounds more like a job for a WiFi controller to handle by blacklisting a device there.
- Status changed from New to Rejected
arping just uses DNS to find addresses. You can already block by hostname by placing the hostname in an alias. There isn't any other work to be done here.
Beyond that, this is an L1/L2 issue you need to solve in your network gear, not the firewall. Changing MACs and hostnames is trivial for end-user devices; blocking them that way is not going to be effective.
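Added example, not part of the ticket or of pfSense: a sketch of the hostname-based sighting check discussed in this thread, showing one client-supplied hostname appearing under several locally administered (randomized) MAC addresses. It assumes the DHCP server writes an ISC dhcpd-style lease file; the sample leases are constructed and the function names are hypothetical.

```python
import re

# Constructed sample in ISC dhcpd.leases syntax (assumed lease-file format).
SAMPLE_LEASES = '''
lease 192.168.10.51 {
  binding state free;
  hardware ethernet da:31:7c:10:22:01;
  client-hostname "Pixel-7";
}
lease 192.168.10.77 {
  binding state active;
  hardware ethernet 3e:9b:04:aa:5f:12;
  client-hostname "Pixel-7";
}
lease 192.168.10.20 {
  binding state active;
  hardware ethernet 00:1b:21:3c:4d:5e;
  client-hostname "ws-accounting";
}
'''

LEASE_RE = re.compile(r'lease\s+(\S+)\s*\{(.*?)\}', re.S)
FIELDS = {
    'mac': re.compile(r'hardware ethernet\s+([0-9a-fA-F:]{17});'),
    'host': re.compile(r'client-hostname\s+"([^"]*)";'),
    'state': re.compile(r'^\s*binding state\s+(\w+);', re.M),
}

def is_locally_administered(mac):
    # MAC randomization sets the locally administered bit (0x02) of octet one.
    return bool(int(mac.split(':')[0], 16) & 0x02)

def parse_leases(text):
    for ip, body in LEASE_RE.findall(text):
        rec = {'ip': ip}
        for key, rx in FIELDS.items():
            m = rx.search(body)
            rec[key] = m.group(1).lower() if m else None  # None if absent
        yield rec

def sightings(text, hostname):
    # Match on the client-supplied hostname, which the device can change.
    hits = [r for r in parse_leases(text) if r['host'] == hostname.lower()]
    macs = sorted({r['mac'] for r in hits if r['mac']})
    return {
        'active_ips': sorted(r['ip'] for r in hits if r['state'] == 'active'),
        'macs': macs,
        'all_local': bool(macs) and all(map(is_locally_administered, macs)),
    }
```

Calling `sightings(SAMPLE_LEASES, 'Pixel-7')` reports the currently active address and every MAC seen under that name; because the hostname comes from the client, a hit is a signal for follow-up at the access layer rather than a reliable identity.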