jestli se nepletu, náhodné adresy mají definovaný prefix, ev. pattern, ale pochybuji, že se dá blacklistovat pouhý prefix, nebo dá ?
tady je pekny popis , mimo jiné
https://datatracker.ietf.org/doc/draft-ietf-madinas-mac-address-randomization/
Zuniga, et al. Expires 7 May 2024 [Page 3]
Internet-Draft Randomized and Changing MAC Address stat November 2023
+--------+--------+---------+--------+--------+---------+
| Organizationally Unique | Network Interface |
| Identifier (OUI) | Controller (NIC) Specific |
+--------+--------+---------+--------+--------+---------+
/ \
/ \
/ \ b0 (I/G bit):
/ \ 0: unicast
/ \ 1: multicast
/ \
/ \ b1 (U/L bit):
+--+--+--+--+--+--+--+--+ 0: globally unique (OUI enforced)
|b7|b6|b5|b4|b3|b2|b1|b0| 1: locally administered
+--+--+--+--+--+--+--+--+
How to Identify a Randomized MAC Address?
Fortunately it is easy to identify randomized MAC addresses. There is a bit which gets set in the OUI portion of a MAC address to signify a randomized / locally administered address. The quick synopsis is look at the second character in a MAC address, if it is a 2, 6, A, or E it is a randomized address.
S tím blacklistováním je to jak kde. V dnsmasq třeba
dhcp-host=*2:*:*:*:*:*,ignore
dhcp-host=*6:*:*:*:*:*,ignore
dhcp-host=*a:*:*:*:*:*,ignore
dhcp-host=*e:*:*:*:*:*,ignore