Gargoyle Forum

As Gargoyle only has wireless MAC address filter but cannot block LAN MAC address, so if the user sets static IP and plug into LAN port they can use other people's quota. So I need solution to block the LAN MAC address, I mean LAN MAC address filter function.

Hope I have explained clearly. Thanks.

I look for solution block the LAN MAC address, I mean LAN MAC address filter function. Only allow the list MAC address connecte on LAN port as well.

Thansk

Please stop posting the same thing in multiple forums. One post is quite sufficient -- otherwise it's spam.

If you do it again, I'll ban you.

Eric wrote:Please stop posting the same thing in multiple forums. One post is quite sufficient -- otherwise it's spam.

If you do it again, I'll ban you.

Sorry about this

I'd be interested in this too. But believe the only way to properly lock wired LAN is only by the use of a 'managed switch', and restrict mac addressing there.

Has anyone been able to do this via Gargoyle.

Thanks.

The original poster on this thread was confused.

To "lock down" your LAN you need to assign static IP address based on MAC address for all the computers you wish to service. This is done on the connection DHCP screen.

Then check the box on the same screen labeled
"Block MAC addresses assigned a static IP that connect from a different IP"

Then quota rules for the IP addresses as you like and a catch all quota to pickup everyone else and do what you want with them.

Hi Pbix, and thank you for your reply.

I have tried this, and it does not work. Being that the computer on the LAN have its MAC listed in the DHCP Pool or not, it will still be allowed access to WAN when I manually assign it an IP that is in the non-restricted IP Range.

This is my device and its status while testing this again just now:
Device Name:Gargoyle
Gargoyle Version:1.5.10
Model:TP-Link TL-WR1043N/ND v1
Device Configuration:Gateway
Memory Usage:18.1MB / 28.5MB (63.4%)
Connections:47/4096
CPU Load Averages:0.33 / 0.12 / 0.14 (1/5/15 minutes)

Kind Regards,
Cachorro.

One alternative solution for you would be to set a quota for "all hosts without explicit quota" to zero and you set the speed limit you want to impose on that.

Anyone who connect to your LAN without an assigned quota will automatically fall into this group. You could simply set it to "Shut down all internet access" or throttle it to a very slow speed.

This is what I do here

Hi Eric,
Yes, that would work. And has worked unless someone witty and willingly comes along to 'steal' someone else's Quota by setting their IP to a known IP that is allowed and has still quota available.

Mainly, what I have discovered is resolved by the DHCP tick of "Block MAC addresses assigned a static IP that connect from a different IP", which does not seem to want to work for me.

Say, as I have tested:
I have two computers with their MACs in the DHCP pool assigning them with an IP, say 1 and 2.
If I change the IP on computer #2, to the IP of #1, the router still happily allows traffic thru the gateway and it consumes #1's Quota.
Is this a known issue?
I am happy to send you any of my router's config and logs if you would like to have a look at them (on PM).

Thanks,
Cachorro./

Hi,
Has anyone been able to resolve this?
Thanks.