locked
Firewall rule to allow/block MAC address RRS feed

  • Question

  • Hello,

    Is it possible to create a Firewall rule to allow/block a MAC address? If this is possible, which FWPM_CONDITION_xxx and layer should I use in the rule?

    Thank you for your help.

    Nader

    Wednesday, June 11, 2014 1:14 PM

Answers

  • WFP supports this functionality starting in Windows 8.  You need to use FWPM_LAYER_{IN | OUT}BOUND_MAC_FRAME_ETHERNET, and use the FWPM_CONDITION_INTERFACE_MAC_ADDRESS,  FWPM_CONDITION_MAC_LOCAL_ADDRESS, and / or FWPM_CONDITION_MAC_REMOTE_ADDRESS conditions.

    Windows Firewall does not support blocking by MAC Address. Some 3rd party firewalls do though.


    Dusty Harper [MSFT]
    Microsoft Corporation
    ------------------------------------------------------------
    This posting is provided "AS IS", with NO warranties and confers NO rights
    ------------------------------------------------------------

    Monday, June 16, 2014 7:10 PM
    Moderator

All replies

  • WFP supports this functionality starting in Windows 8.  You need to use FWPM_LAYER_{IN | OUT}BOUND_MAC_FRAME_ETHERNET, and use the FWPM_CONDITION_INTERFACE_MAC_ADDRESS,  FWPM_CONDITION_MAC_LOCAL_ADDRESS, and / or FWPM_CONDITION_MAC_REMOTE_ADDRESS conditions.

    Windows Firewall does not support blocking by MAC Address. Some 3rd party firewalls do though.


    Dusty Harper [MSFT]
    Microsoft Corporation
    ------------------------------------------------------------
    This posting is provided "AS IS", with NO warranties and confers NO rights
    ------------------------------------------------------------

    Monday, June 16, 2014 7:10 PM
    Moderator
  • Thank you
    Wednesday, June 18, 2014 12:52 PM