Posted: Thu Aug 23, 2018 2:40 Post subject: WireShark
WireShark should be able to do this. I don't really understand what you mean by incomplete MAC though. _________________ Before asking a question on the forums, update dd-wrt: Where do I download firmware? I suggest reading it all.
Some dd-wrt wiki pages are up to date, others are not. PM me if you find an old one, I am trying to update them.
Netgear R7800 - gateway, DHCP, QoS, VPN
TP-Link Archer C7 v2 x2 - WDS AP, WDS Station
TP-Link TL-WDR3600 v1 - WDS Station
TP-Link 841nd v8 - WDS Station
D-Link 615 C1 x 4 - not used
D-Link 615 E3 x 2 - not used
D-Link 825 B1 - WDS Station
D-Link 862L A1 x2 - WDS Station
Netgear WNDR3700v2 - WDS Station
UBNT loco M2 x2 - airOS
Asus N66U - backup Gateway
Netgear r6300 v1 - AP
Linksys E2500 - not used
Linksys EA2700 - not used
Linksys 160N v3 x2 - not used
Netgear WNDR3700v3 - not used
UBNT EdgeRouter X - not used
Where are you getting this info from? _________________ Segment 1 R9000 10Gb LAN, 1Gb ISP BS
Test Bed R9000 10Gb LAN
Wired AP 1 R9000 10Gb LAN
Wired AP 2 R9000 1Gb LAN
Wired AP 3 R9000 1Gb LAN
Test Bed R7800 1Gb LAN OpenWRT Kong
download1.dd-wrt.com/dd-wrtv2/downloads/betas/ (Brain Slayer)
Joined: 21 Jan 2017 Posts: 1098 Location: Illinois Moderator
Posted: Thu Aug 23, 2018 17:20 Post subject: Re: IN:CO:MP:LE:TE:01 mac
is there a way to identify the incomplete device's / mac address' ? Bounce out to the IP related identifies where data is being sent but need to know what device is sending..
I am guessing that you have "Info Site MAC Masking" turned on and so you only see the partial address.
Go to the admin tab and disable this feature; then, you will see the full Mac address listed. If you're going to do that, you should make sure to turn on "Info Site Password Protection" to try and keep this info private from any remote people trying to hack into your router. Be sure to use a pretty strong password to keep most out. Anything on the web is hackable, so....
Tell me if I'm wrong, to use wireshark, would have to setup a pc as a DMZ and route all thru it ? then wireshark could capture the traffic, but will shark display mac from the IP destination. not real familiar with shark, routers either, new territory for me.
incomplete macs on yamon are usually duplicate entries which happen most often when you use an endpoint or access point beyond the router running yamon. it also may show up when your public wan ip changes. sadly there is no gui method to house keep and remove them, so i give them a separate owner info and color in yamon so they don't sort together with other entries. another trick i do to accommodate yamon is to static ip all my known lan addresses so they can't expire so yamon can't later create more duplicate entries for them. honestly, yamon is an unstable mess and i'm done trying to trouble shoot it further, but it's linux router based donation ware, with a patient and communicative developer, so don't expect much and you'll be a lot happier with it. keep Shortcut Forwarding Engine Disable on the WAN Setup; a lot of new firmware builds enable it by default, and it's been known to interfere with Yamon.