将PPPOE中的接口禁加桥接并将服务建在桥接接口上,然后使用bridge的防火墙来过滤PPPOE MAC
脚本内容:
#建立bridge /interface bridge add admin-mac=00:0C:21:91:02:C1 auto-mac=no name=bridge1 #绑定PPPOE服务接口 /interface bridge port add bridge=bridge1 interface=vlan2100 #在pppoe-server修改PPPOE服务的接口为bridge1 #启用bridge防火墙 /interface bridge settings set use-ip-firewall=yes use-ip-firewall-for-pppoe=yes use-ip-firewall-for-vlan=no #拦截黑名单MAC /interface bridge filter add action=drop chain=input disabled=yes src-mac-address=\ 08:10:77:6A:C8:47/FF:FF:FF:FF:FF:FF