To add some filter rules in conf file
Simon Hobson
dhcp1 at thehobsons.co.uk
Mon Oct 19 07:01:54 UTC 2009
Ashmath Khan wrote:
>So then how do I make sure it picks always from pool 1 when it
>matches ? Or is there a way I can make it to 'exit' when it finds
>the first match ?
Simple - you apply allow or deny directives such that any client is
only eligible to get an address from the pool(s) you want. Eg :
pool {
allow members of "a";
...
}
pool {
allow members of "b";
...
}
pool {
deny members of "a";
deny members of "b";
...
}
In this example, members of "a" are allowed only the first pool,
members of "b" are allowed only the second pool, and anything else is
allowed only the third pool.
Note that if you use an allow statement, then anything not explicitly
allowed is implicitly denied - and vice-versa when you use a deny. So
in the first pool, anything NOT a member of "a" is implicitly denied
- you don't need to explicitly deny members of "b". In the last pool,
anything not in classes "a" and "b" is implicitly allowed.
Statements are not executed in order, there is no "match this pool,
match this pool, and only fall through to this pool if the previous
ones don't match" capability. Internally, a lot of stuff is stored in
hashed lists - so it's possible that things may not even be evaluated
in the order they are written in the config file.
Lastly, you are strongly advised not to try mixing allow and deny in
one pool. Again, they are *not* executed in order until a match is
found like some other software packages and the results may be
non-intuitive. It's best to stick to either allow, or deny, within
each pool.
--
Simon Hobson
Visit http://www.magpiesnestpublishing.co.uk/ for books by acclaimed
author Gladys Hobson. Novels - poetry - short stories - ideal as
Christmas stocking fillers. Some available as e-books.
More information about the dhcp-users
mailing list