WBS210 and all Pharos products: add some protection rules on layer 2
Hi,
Pharos products are pretty good, but I can't use them because some security functionality is needed.
Actually we work with Ubiquiti Rocket M2 or Bullet M2 (the Rocket M2 is pretty much the same as the WBS210).
Actually we need the possibility, in AP bridge mode, to allow Wi-Fi client traffic to 2 MAC addresses only (clients must speak only with the router).
We achieve that with these ebtables rules on the Ubiquiti AP (in AP WDS mode):
eth0 is the LAN port connected to the router; ath0 is the Wi-Fi interface.
ebtables -I FORWARD -i ath0 -o eth0 -j DROP
ebtables -I FORWARD -i eth0 -o ath0 -j DROP
ebtables -I FORWARD -i ath0 -o eth0 -d FF:FF:FF:FF:FF:FF -j ACCEPT  # allow broadcasts, such as DHCP requests, from clients to the entire network
ebtables -I FORWARD -i ath0 -o eth0 -d $ROOTER_MAC -j ACCEPT
ebtables -I FORWARD -i eth0 -o ath0 -s $ROOTER_MAC -j ACCEPT
ebtables -I INPUT -i ath0 -j DROP  # block traffic from clients to the AP itself
Is it possible to do that on the WBS210?
We also need to add DHCP server protection on the Wi-Fi interface to block rogue DHCP.
Of course we add a static MAC table with the router IP, but this functionality already exists on the WBS210.
Thanks in advance.
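
The ruleset from the post, extended to two allowed MAC addresses and to the rogue-DHCP block it asks for, as an added example that is not part of the original post and is not TP-Link or Ubiquiti code. It only prints the ebtables commands; the function names and the sample MAC addresses are constructed, and the interface names follow the post.

```shell
#!/bin/sh
# Added example: prints ebtables commands for review, applies nothing.

# Succeeds only for a colon-separated 48-bit MAC address.
is_mac() {
    printf '%s\n' "$1" | grep -Eq '^([0-9A-Fa-f]{2}:){5}[0-9A-Fa-f]{2}$'
}

# gen_rules WIFI_IF LAN_IF MAC [MAC...]
# Every rule uses -I (insert at top), as in the post, so the commands
# printed last end up first in the chain.
gen_rules() {
    wifi=$1
    lan=$2
    shift 2
    [ "$#" -ge 1 ] || { echo "need at least one allowed MAC" >&2; return 1; }
    for mac in "$@"; do
        is_mac "$mac" || { echo "invalid MAC: $mac" >&2; return 1; }
    done
    # Default: nothing crosses the bridge in either direction.
    echo "ebtables -I FORWARD -i $wifi -o $lan -j DROP"
    echo "ebtables -I FORWARD -i $lan -o $wifi -j DROP"
    # Client broadcasts (DHCP discover, ARP) may reach the LAN.
    echo "ebtables -I FORWARD -i $wifi -o $lan -d FF:FF:FF:FF:FF:FF -j ACCEPT"
    # Unicast only to and from each allowed MAC (the router).
    for mac in "$@"; do
        echo "ebtables -I FORWARD -i $wifi -o $lan -d $mac -j ACCEPT"
        echo "ebtables -I FORWARD -i $lan -o $wifi -s $mac -j ACCEPT"
    done
    # Clients may not talk to the AP itself.
    echo "ebtables -I INPUT -i $wifi -j DROP"
    # Rogue DHCP: server replies carry UDP source port 67. Inserted last
    # so it is matched before the broadcast ACCEPT above, which would
    # otherwise let a broadcast DHCP offer from a Wi-Fi client through.
    echo "ebtables -I FORWARD -i $wifi -p IPv4 --ip-protocol udp --ip-source-port 67 -j DROP"
}

# Constructed sample MAC addresses (locally administered range).
gen_rules ath0 eth0 02:00:00:00:00:01 02:00:00:00:00:02
```

Review the printed commands, then run them on the AP and confirm the resulting order with `ebtables -L FORWARD`.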