I am looking for the best way to request a feature enhancement to the Pepwave BR1 5g, that supports blocking an “Inbound” WAN MAC address.
Currently today, I can create and “Outbound” Firewall rule concerning a MAC address “on my BR1 Internal network”, but that option/selection is not available on the Firewall “inbound” Firewall rule selection for “WAN Source”. I can only create and “IP Address” related rule for a Source… which can just be changed to any IP address in the world by a rogue source.
Situation:
It appears that on my T-Mobile Data Cell service, there is a handful of “rogue” MAC addresses out in the T-Mobile Public Net that attempts access to my BRI every 4 to 6 hours. I have my BR1 5g Firewall service turned on for “Intrusion Detection”, and it appears to be working to block these access attempts, but I was looking for a more direct “Inbound MAC Block”. Currently these attempts just fills my BR1 Firewall logs.
These specific attempts at access via the T-Mobile Cell public network to my BR1 Wan Cell have many different Pubic Source IP Addresses, attempting access to various IP Ports/Protocols,…. Likely a Scan …but are all coming from what appears are a much smaller/limited number of MAC addresses. These MAC addresses are “Self-Created” by the source (does not tie to a Public named/identified device/manufacturer). A signature of a Rogue/ Malicious entity.
Can’t stop Rogue sources from impersonating a Public IP address, but could limit the traffic/processing power they consume on my BR1 when attempting access from Public T-Mobile to my BR1.
As mentioned, the MAC “Source” feature is on the “Outbound” Firewall Rule Config of the BR1,…. how can this be added on the BR1 “Inbound” WAN Firewall Config ?