OpenWRT: Create a WiFi MAC Whitelist or Blacklist

Recently I had to prevent people automatically roaming onto a certain access point being used for development purposes. Hence, a MAC blacklist was put in place to force devices to fall back to another AP.

In order to add the blacklist, you have to add a couple of lines to your wireless configuration. This is done by editing /etc/config/wireless on the OpenWRT box.

vi /etc/config/wireless

From here, append the following lines into the config wifi-iface section:

option macfilter 'deny'
option maclist 'xx:xx:xx:xx:xx:xx yy:yy:yy:yy:yy:yy'

Where deny is the MAC filter operation policy. i.e. deny the following MACs from joining. Another valid option here is allow if you wish to create a whitelist.

The maclist option is a space-delimited list of MAC addresses that you wish to block from joining your AP.

Now, simply reload the wifi config with the following command to put it into action.

wifi
Published 2017-01-06