I’ve set up a parprouted-based WiFi Ethernet bridge according to Will Haley’s recipe and used Option 1, same subnet:
IpFire WLAN 192.168.2.1 <-> 192.168.2.104 WLAN Raspi 3B+ 192.168.2.104 eth0 <-> 192.168.2.4 enp1s0f1 Ubuntu 18.04 laptop
The Raspberry Pi 3B+ is acting as a bridge between WiFi and the Ethernet LAN cable.
Later I want to connect an IoT device to the LAN connection. This IoT device does not have WiFi.
My problem is as follows:
If I disable MAC filtering for the blue network in IPFire core 171, the internet access from the laptop works flawlessly, as expected.
However, if I enable MAC filtering for the blue network, the internet accesses of the laptop 192.168.2.4 are blocked, shown here for a DNS access:
15:28:59 DROP_Wirelessinput blue0 UDP 192.168.2.4 58824 192.168.2.1 53
I’ve enabled the blue access in IPFire for 192.168.2.4 and used the MAC address of the LAN port of the laptop. The bridge seems to translate the LAN access to a WLAN access.
I’m using ‘Force clients to use IPFire DNS Server’.
EDIT: Tracking the WiFi interface of the Raspi with Wireshark shows that e.g. a DNS request from the laptop is issued with the IP address of the laptop (192.168.2.4) but the MAC address of the Raspberry Pi’s WLAN interface. The WiFi interface of the Raspi is already part of the blue MAC access table.
Unfortunately, I cannot enter two IP addresses with the same MAC address, or one IP address with two different MAC addresses, in the blue MAC filter table.
2nd EDIT: Could my issue be solved by a custom WIRELESSINPUT rule and a custom WIRELESSFORWARD rule in firewall.local? What would be the necessary syntax?
How can I use MAC filtering for a parprouted-based Ethernet2WLAN bridge according to Will Haley’s recipe?
Thanks in advance for your help.
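The mismatch described in the post, as an added example that is not part of the original post and not IPFire code: it parses the quoted log line and checks the source IP against a model of the blue access table. The MAC addresses are constructed placeholders, and the filter model (a packet passes only if its source IP is listed together with the source MAC seen on the WLAN) is an assumption drawn from the behaviour the post reports.

```python
import re

# Constructed, locally administered MACs; the post does not give the real ones.
PI_WLAN_MAC = "02:00:00:00:01:04"
LAPTOP_ETH_MAC = "02:00:00:00:00:04"

# Blue access table as the post describes it: one MAC per IP, one IP per MAC.
BLUE_TABLE = {"192.168.2.104": PI_WLAN_MAC, "192.168.2.4": LAPTOP_ETH_MAC}

LOG_RE = re.compile(
    r"^(?P<time>\S+) (?P<chain>\S+) (?P<iface>\S+) (?P<proto>\S+) "
    r"(?P<src>\S+) (?P<sport>\d+) (?P<dst>\S+) (?P<dport>\d+)$"
)

def parse_drop(line):
    """Split a log line in the format quoted in the post into named fields."""
    m = LOG_RE.match(line.strip())
    if m is None:
        raise ValueError(f"unrecognised log line: {line!r}")
    return m.groupdict()

def mac_on_wlan(origin_mac, behind_bridge):
    """Source MAC the access point sees. parprouted routes at layer 3, so
    frames from hosts behind the Pi leave with the Pi's WLAN MAC."""
    return PI_WLAN_MAC if behind_bridge else origin_mac

def check(src_ip, seen_mac, table):
    """Assumed filter model: accept only if this IP is listed with this MAC."""
    if table.get(src_ip) == seen_mac:
        return "ACCEPT", "pair is listed"
    owner = [ip for ip, mac in table.items() if mac == seen_mac]
    if src_ip in table and owner:
        return "DROP", f"{src_ip} is listed with another MAC; {seen_mac} belongs to {owner[0]}"
    if src_ip in table:
        return "DROP", f"{src_ip} is listed with another MAC"
    return "DROP", f"{src_ip} is not listed"

def explain(line, origin_mac, behind_bridge, table=BLUE_TABLE):
    rec = parse_drop(line)
    seen = mac_on_wlan(origin_mac, behind_bridge)
    verdict, reason = check(rec["src"], seen, table)
    return {"src": rec["src"], "seen_mac": seen, "verdict": verdict, "reason": reason}

if __name__ == "__main__":
    line = "15:28:59 DROP_Wirelessinput blue0 UDP 192.168.2.4 58824 192.168.2.1 53"
    print(explain(line, LAPTOP_ETH_MAC, behind_bridge=True))   # what the post observes
    print(explain(line, LAPTOP_ETH_MAC, behind_bridge=False))  # laptop directly on blue
```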