Limit DHCP requests with iptables - problem: Router

Peter Rathlev peter at rathlev.dk
Wed Feb 9 16:04:10 UTC 2011


On Wed, 2011-02-09 at 12:25 -0200, José Queiroz wrote:
> 2011/2/9 Peter Rathlev <peter at rathlev.dk>
> > The thread has since moved on to discussing different ways of
> > detecting the misbehaving clients. And iptables alone simply cannot
> > do what you describe.
> 
> Yes, iptables can do it. It's just a matter of how to chain the tests.

No, iptables can IMHO not do this. I don't understand why people keep
saying it can. I provided a working example (using a string match) for a
_known_ MAC address, but I'm pretty sure iptables cannot do it for an
unknown MAC address.

If you insist it can then please provide a working example of limiting
DHCP requests based on the MAC address contained inside the DHCP packet
only using iptables commands. And remember: You don't know the MAC
address in advance.

-- 
Peter
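
Added example, not part of the message above or of anyone's post in the thread: a per-client limiter has to read chaddr out of the DHCP payload and keep state per value seen, which is the step the message argues iptables commands alone cannot express for an unknown MAC. The names (client_mac, ChaddrLimiter, make_request), the 3-per-10-seconds threshold and the sample MACs are assumptions constructed for illustration; the field offsets follow the fixed BOOTP header layout in RFC 2131.

```python
import struct
from collections import defaultdict, deque

BOOTREQUEST = 1
CHADDR_OFFSET = 28   # op/htype/hlen/hops (4) + xid (4) + secs/flags (4) + 4 IPv4 addrs (16)

def client_mac(payload: bytes):
    """Return chaddr from a BOOTP/DHCP UDP payload, or None if it is not a usable request."""
    if len(payload) < CHADDR_OFFSET + 16:
        return None
    op, _htype, hlen = struct.unpack_from("!BBB", payload, 0)
    if op != BOOTREQUEST or hlen == 0 or hlen > 16:
        return None
    return payload[CHADDR_OFFSET:CHADDR_OFFSET + hlen].hex(":")

class ChaddrLimiter:
    """Sliding window: at most `limit` requests per `window` seconds per chaddr."""
    def __init__(self, limit=3, window=10.0):
        self.limit, self.window = limit, window
        self.seen = defaultdict(deque)   # chaddr -> timestamps of accepted requests

    def allow(self, payload: bytes, now: float) -> bool:
        mac = client_mac(payload)
        if mac is None:
            return False                 # malformed or not a request: drop
        q = self.seen[mac]
        while q and now - q[0] >= self.window:
            q.popleft()                  # forget requests older than the window
        if len(q) >= self.limit:
            return False                 # this client is over its budget
        q.append(now)
        return True

def make_request(mac: bytes, xid: int = 0x1234) -> bytes:
    """Constructed sample: minimal BOOTREQUEST with an Ethernet chaddr, no options."""
    hdr = struct.pack("!BBBBIHH", BOOTREQUEST, 1, len(mac), 0, xid, 0, 0)
    return hdr + bytes(16) + mac.ljust(16, b"\0") + bytes(192)  # addrs, chaddr, sname+file

def demo():
    lim = ChaddrLimiter(limit=3, window=10.0)
    noisy = make_request(bytes.fromhex("020000000001"))   # constructed MACs
    quiet = make_request(bytes.fromhex("020000000002"))
    results = [lim.allow(noisy, t) for t in (0, 1, 2, 3, 4)]
    results.append(lim.allow(quiet, 4))       # other client is unaffected
    results.append(lim.allow(noisy, 12.5))    # window has expired
    return results

if __name__ == "__main__":
    print(demo())
```

A client that changes chaddr on every request gets a fresh budget each time and grows the table, so a deployment of this idea also needs a cap on tracked entries and a second limit keyed on something the client cannot choose, such as the ingress port.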





