Hi,
If you want to allow only specific MAC addresses to be able to use your WAN, then you need to create two traffic rules.
First, create a traffic rule similar to the one I have previously described. But this time, select MAC addresses that should be allowed internet access and select the action to 'accept'.
Create another traffic rule to drop all packets from LAN to WAN. Make sure that the second rule is below the first rule in Network -> Firewall -> Traffic rules.
With these configurations, devices with your listed MAC addresses will match the first rule and will be allowed to access the internet. Packets from devices with MAC addresses that do not match the first rule will be compared against the next rule in the traffic rules, which is to deny all packets from LAN to WAN. The packets will match this rule and will be dropped.
When it comes to DHCP, you can limit the DHCP IP addresses and setup static leases in Network -> Interfaces -> Static leases. This will ensure that the devices with matching MAC addresses will receive their designated IP addresses. However, if all the DHCP IP addresses are leased, some of your other devices might not be able to get a lease.
Also, have you tried to change the IP address of your LAN network to see if it helps with your issue?
Kind Regards,
Andzej