Eddie -- MAC filtering won't help. This is a WAN-side attack.
This is the log from my NAS.
My router has a port open so I can access the Media Station from the internet. It would be nice to be able to block IP's if I detect a hack attempt.
That will get old.
Make sure your NAS security is tight. If it's open to the Internet, it's going to be probed.
You can reduce these -- these measures are more prevention than security.
If you want to limit your port-forward entry to IP addresses on the network that you'll use when you're away, then you can do that (the IP addy that was attacking you first was in Brazil).
If possible, use a port that doesn't match a frequently-attacked service. This is tougher if your NAS or router won't support it.
HTH