Automate static arp



  • I'd like to schedule a task at a given time which would enable mac address filtering for a given set of mac addresses, to be determined ahead of time. I have been trying to do this via ssh terminal and I can use the arp command to remove an entry which I included in the static arp list I set up via the console, but the associated device is still able to connect.


  • LAYER 8 Global Moderator

    What exactly is your goal your wanting to achieve?  Why do you want to block mac - why would you not just use schedules and block the IP of said device?



  • My goal is to not allow a subset of devices to connect during a specific time frame and to automate that so that I can schedule it so I don't have to be present to do it manually. If I can accomplish that with ip addresses, that's fine.  I am using dhcp and I'm not sure if a given device will always receive the same ip address.  If this is the case, can you recommend how to schedule access availability per device by ip address?


  • LAYER 8 Global Moderator

    so first thing would be to setup a dhcp reservation, ie static dhcp so that client always gets the same IP.  Then create a schedule for your rules so those IPs don't have access when you don't want them to have access.

    https://doc.pfsense.org/index.php/Firewall_Rule_Schedules


Log in to reply