Automate static arp

emoelf · Feb 22, 2017, 2:27 PM

I'd like to schedule a task at a given time which would enable mac address filtering for a given set of mac addresses, to be determined ahead of time. I have been trying to do this via ssh terminal and I can use the arp command to remove an entry which I included in the static arp list I set up via the console, but the associated device is still able to connect.

johnpoz · Feb 22, 2017, 5:19 PM

What exactly is your goal your wanting to achieve? Why do you want to block mac - why would you not just use schedules and block the IP of said device?

emoelf · Feb 22, 2017, 5:52 PM

My goal is to not allow a subset of devices to connect during a specific time frame and to automate that so that I can schedule it so I don't have to be present to do it manually. If I can accomplish that with ip addresses, that's fine. I am using dhcp and I'm not sure if a given device will always receive the same ip address. If this is the case, can you recommend how to schedule access availability per device by ip address?

johnpoz · Feb 22, 2017, 7:36 PM

so first thing would be to setup a dhcp reservation, ie static dhcp so that client always gets the same IP. Then create a schedule for your rules so those IPs don't have access when you don't want them to have access.

https://doc.pfsense.org/index.php/Firewall_Rule_Schedules