1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Block device from accessing BSSID?

Discussion in 'Networking Issues' started by threehappypenguins, Feb 26, 2014.

  1. threehappypenguins

    threehappypenguins Serious Server Member

    I am setting up my friend's network for his kids. I have Tomato firmware running on their Linksys with OpenDNS filtering as well as timed Access Restrictions (ie, no more internet access after 11:30pm). That's all fine and dandy as long as my friend's son's phone stays on his network. However, he is getting access to a friend's router nearby (however, he does not have data on his phone; so I don't need to worry about that).

    In Tomato, I can go to Tools > Wireless Survey and I can see all the BSSID's that are all around their house.

    I want to prevent his phone from connecting to a specific wireless access point. I tried downloading (on my own phone) the Android Firewall app and entering a custom script:

    Code:
    $IPTABLES -A INPUT -m mac --mac-source 00:00:00:00:00:00 -j REJECT
    Because I am trying to test this on my own phone first, I went into my router (also running Tomato) and saw multiple MAC addresses (nothing that said "BSSID"). I assumed that I should choose the Wireless MAC Address. So when I tried that in my above iptables, I could still access the internet on my phone. So I also tried WAN and LAN Mac Addresses. Still could access the internet. Is there somewhere else that I should be looking for my BSSID? Assuming that is what I need? Or is it the same as the Wireless MAC address? Someone told me
    I don't even know what that means... I'm running Windows on my computer, and I have an Android phone. If I'm going to "pull" something, how do I do that? What, and where do I type it? Or where do I navigate in what?
     
  2. threehappypenguins

    threehappypenguins Serious Server Member

    I downloaded an app called Network Info II and it showed me that my BSSID is the exact same as my Wireless MAC address. So that answers my question. Now I just need to figure out how to prevent the phone from accessing this specific network...
     
  3. threehappypenguins

    threehappypenguins Serious Server Member

    I figured things out. For one, after I added the iptable rule, I needed to REBOOT my phone for it to apply (which I wasn't doing). Secondly, I needed to use the LAN Mac Address (NOT the BSSID/Wireless MAC address) in order for the iptable rule to work.

    Thirdly, I downloaded AFWall+. It allowed me to set it as administrator to prevent uninstallation. The only thing missing is that the developer needs to password protect removing the app as administrator.

    Then I downloaded Android Terminal Emulator. In order to find the LAN MAC address for the connection that I am looking to block, I typed this into the emulator:

    Code:
    arp -n
    Then I used the MAC address that was given in the terminal and put that into this rule here to be place in "custom scripts" in the firewall:

    Code:
    $IPTABLES -A INPUT -m mac --mac-source 00:00:00:00:00:00 -j DROP
     
    Last edited: Feb 28, 2014

Share This Page