check one mac address allowed via CLI?

davidortenn79

Ok, like i've mentioned in previous posts, I'm using the watchguard as a home router because I want the better controls of firebox and the ability to find ways to block stuff on my network that a normal home router can't. (With a home router, if it can't do whatever, there's no option to be creative and make a solution.)

So, I'm trying to figure out how to allow and block devices on my network using an app on my phone. I found a solution for that. I installed Termius and created a few small scripts to add the mac address or remove the mac address by a tap of a button. Works nice.

But, sometimes I just want to know if it's enabled or disabled.

I'm playing around in the CLI. Doing some tests, I can do a show int FastEthernet 1. It shows me everything about the interface, including the mac addresses allowed. But, how do I write the command to tell it only to show me the results of the one mac address? When I question mark through it, doesn't look like I can pass any arguements to that command. I tried grep and that didn't work. grep would be the perfect solution. Thought I read somewhere that watchguard is linux in the background.

Or is there a better solution? I want a small script I can tap that will just show me if it can see a particular mac address in the confiig or not. It would be even cooler if I could somehow wrap that into some kind of if statement or switch statement that I could then output some text stating the mac address is there or not. But, I think that might be too much. (Maybe API??? but I'm not that good at programming yet.)

james.carson

As far as I'm aware there isn't really a way to do this. Fireware (the OS on the firewall) is running Linux as its base, but the shell you're using is WatchGuard's, not a standard linux shell. Normal linux commands are severely restricted to prevent things like (remote) code execution.