Please note: This project is no longer active. The website is kept online for historic purposes only.
If you´re looking for a Linux driver for your Atheros WLAN device, you should continue here .

MAC Address Filtering in AP Mode

Introduction

This short introduction explains how to set up an access control list (ACL) or whitelist in AP mode. It is assumed that you already know how to set up a madwifi AP, but if you don’t, there is a brief howto at UserDocs/SimpleAccessPoint.

Steps

  1. First, make sure your card is not set to any particular mode or essid.
  2. Run:
    • To flush the list of MAC addresses:
            iwpriv ath0 maccmd 3
      
    • To make the list a whitelist:
            iwpriv ath0 maccmd 1
      
  3. Put the card in master mode:
        iwconfig ath0 mode master essid test
        ifconfig ath0 up
    
  4. At this point, nothing will be able to connect to the AP, since the whitelist is empty. To rectify this, you need to add some MACs to the list:
        iwpriv ath0 addmac 00:01:02:03:04:05
    

Obviously you need to change this, and repeat as needed for other addresses you want to allow.

  1. Hey presto! Your AP whitelist should be working perfectly.

Other Possibilities

The most obvious change you could make to this is to make it into a blacklist. Fortunately, this is dead easy. Just change the line reading iwpriv ath0 maccmd 1 to iwpriv ath0 maccmd 2.

Security Issues

Do not rely solely on a MAC whitelist for your APs security; it is far too easy to spoof.