I guess I am repeating my same question again. I somehow want to provide access to my 300 and more users with MAC based access restriction. I have heard that there is a limit to number of MAC addresses one can add in the 'access restriction' part of the tomato gui. So I have come up with my own solution for it. Here is what I did: Code: iptables -A rdev01 -m mac --mac-source 00:8c:c3:de:67:8a -j RETURN #User No:201005001 NAME:Michael iptables -A rdev01 -m mac --mac-source 00:1c:b0:df:12:44 -j RETURN #User No:201005002 NAME:Charlie iptables -A rdev01 -j DROP The script allows me to specify more details about my users like number and name. It'll provide internet access to only those users whose MAC id is specified in the script. I used it as firewall script and it worked. But when I entered a new user I had to restart the firewall over ssh. i used this command: Code: service firewall restart My question is that is there a limit for the rules I can add in the firewall script section in the GUI?. I may have to add more than 500 rules in my case. I hope there are no limits. If anyone wants to try out the script you have to see that the line Code: iptables -A rdev01 -j DROP comes at the end. All MAC restriction rules should come above that line. This code will reject access to clients whose MAC id is not included in the script.