What's new

How to modify MAC filter from command line?

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

distilled

Senior Member
There are a few threads about this, like https://www.snbforums.com/threads/howto-update-mac-filter-from-command-line.20611/ but I can't figure out how to modify it for my needs.

Is it possible to add/remove a machine from a MAC filter from the command line on an AC86U?

The goal is to be able to remotely connect a Windows 10 machine to a particular isolated WLAN, and also bring it back to the main network. A "ssh user@ip netsh wlan connect netname" pushes it onto the isolated WLAN, but then it is necessary to join that isolated WLAN to be able to SSH in and bring it back. Connecting to the AC86U and using the MAC filter to force the machine off of the isolated network causes it to re-join the main network, so this is ideal. But how to do it with a SSH script?
 
Is anyone able to help with this?
 
Frankly I just didn't understand it, it looks like much more than I need. I am really just wondering if there is a way to modify the MAC ACL for a particular WLAN. I tried parsing through the script to find relevant parts, but I was quickly confused, so asking for a translation, or even a nudge in the right direction, seemed prudent.
 
The MAC filter list's are held in nvram variables in a particular format. So to change them via a script you would have to read the variable associated with the particular SSID(s), add or remove the desired entry, write back the nvram variable and then restart the WiFi.

You can see your current filter lists with the following command:
Code:
nvram show | grep wl[01].*_maclist_x | sort
For example,
Code:
# nvram show | grep wl[01].*_maclist_x | sort
size: 57832 bytes (7704 left)
wl0.1_maclist_x=
wl0_maclist_x=<40:B8:9A:B4:3D:DD>KDL-50W805C<84:A4:66:3E:23:BA>BD-H6500W<C0:A0:0D:A9:B9:4D>TIVO-C68000020FBBF3D
wl1_maclist_x=
 
Thanks, I do really appreciate it. Having to restart WiFi is a dealbreaker. In retrospect, it should have been obvious, since modifying the ACL through the GUI causes disconnects, but I hadn't thought it through.

This little project is clearly not the non-trivial thing that it first looked like :)
 

Similar threads

Latest threads

Support SNBForums w/ Amazon

If you'd like to support SNBForums, just use this link and buy anything on Amazon. Thanks!

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top