Useful Snippets


This blog is used to collect useful snippets related to Linux, PHP, MySQL and more. Feel free to post comments with improvements or questions!

Are your smart devices spying on you? Make better purchasing choices and find products that respect your privacy at

RSS Latest posts from my personal blog

Most viewed posts

Subscribe to RSS feed

Block a device from accessing the internet using Ubiquiti EdgeMax / EdgeRouter

Stanislav KhromovStanislav Khromov

There are times when you want a device on your network to be able to access the local network but not be able to connect to the internet, for example to reduce the sending of telemetry and tracking data. Here is how you can accomplish this using Ubiquiti EdgeMax / EdgeRouter.

Go to the Firewall/NAT and then Firewall Policies. Add a new Ruleset.

Give your ruleset a name and select Accept as the default action.

Edit your new Ruleset and add a new Rule. Set the action to Drop.

Under the Source configuration, enter either an IP address or the MAC address that corresponds to the device you wish to block. Generally I would advise to block by MAC address, as that never tends to change, while the IP address can change if a device has not been connected to your network for a while and loses its DHCP lease. The MAC address for all your devices can be found under Services > DHCP Server > Actions > View Leases.

The last step is to configure the ruleset to be applied to the outbound WAN connection, this is typically eth0. You can find it under the Interfaces tab for the Ruleset.

After saving everything you can verify that the block works. You can also open the Stats tab for your ruleset to check if your blocking rule is being triggered.

Web Developer at Aftonbladet (Schibsted Media Group)
Any opinions on this blog are my own and do not reflect the views of my employer.
Twitter Profile
Visit my other blog

Comments 1
  • Msix
    Posted on

    Msix Msix

    Reply Author

    Simple and easy to follow. And it works perfectly. Thanks.