To add some filter rules in conf file

Ashmath Khan hashmat.email at gmail.com
Tue Oct 20 13:38:11 UTC 2009


I did also try with some dummy option like:
if substring (option vendor-class-identifier, 0, 4) = "MSFT" {
option nds-context "1";
} elsif substring (option dhcp-option-overload, 0, 4) = "MSFT" {
option nds-context "2";
} elsif not exists dhcp-option-overload {
option nds-context "21";
}
and then using
class "Crule1" {
match if config-option nds-context = "1";
}
And it didn't work!

On Tue, Oct 20, 2009 at 5:41 PM, Ashmath Khan <hashmat.email at gmail.com> wrote:

>
>> rule 1: If it's red, use the red pool, else
>> rule 2: If it's fat, use the fat pool, else
>> rule 3: If it's tall, use the tall pool, else
>> rule 4: Use the cold pool
>>
>> You'd express this in terms of :
>> If it's Red, then set kind:=red
>> Elseif it's fat, then set kind:=fat
>> Elseif it's tall, then set kind:=tall
>> Else, set kind:=cold
>>
>> Then you'd have classes like this :
>> Class "red" { match if kind="red" ; ...}
>> Class "fat" { match if kind="fat" ; ...}
>> Class "tall" { match if kind="tall" ; ...}
>> Class "cold" { match if kind="cold" ; ...}
>>
>> You now have four classes that are mutually exclusive and so you just have
>> to "allow member of ..." a single class in each pool.
>>
>> It's not something I've ever tried. I'd hope that the expression and
>> conditionals would be evaluated before evaluating the class memberships - if
>> not then it can't ever hope to work.
>>
> This seems to be a good idea. I tried and it didn't work. I tried many
> possibilities with having quotes, removing quotes etc. The dhcpd didn't
> respond with dhcp offer which means it didn't hit any class. Here is the
> last version I tried:
> subnet 192.168.1.0 netmask 255.255.255.0 {
>
> default-lease-time 86500;
> max-lease-time 86500;
> option routers 192.168.1.254;
>
> set kind = 0;
>
> if substring (option vendor-class-identifier, 0, 4) = "MSFT" {
> set kind = 1;
> } elsif substring (option dhcp-option-overload, 0, 4) = "MSFT" {
> set kind = 2;
> } elsif not exists dhcp-option-overload {
> set kind = 21;
> }
>
>
> class "Crule1" {
> match if kind = "1";
> }
>
> pool {
> option router-discovery off;
> option domain-name-servers 192.168.1.254, 192.168.1.202;
> range 192.168.1.87;
> allow members of "Crule1";
> }
>
> class "Crule2" {
> match if kind = "2";
> }
>
> pool {
> option router-discovery off;
> option domain-name-servers 192.168.1.111;
> range 192.168.1.117;
> allow members of "Crule2";
> }
>
> class "Crule2A" {
> match if kind = "0";
> }
>
> pool {
> option router-discovery on;
> option domain-name-servers 192.168.1.222;
> option boot-size 512;
> range 192.168.1.237;
> allow members of "Crule2A";
> }
>
>
> }
>
>
>
>>  Finally - what are you actually trying to achieve ?
>>>>
>>> My objective is to classify clients! To allow some clients certain pools,
>> to block some clients etc. The application could be a router running dhcp
>> server for some organisation.
>>
>
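
The ordered rule cascade suggested in the quoted reply, applied to the option tests and pools from the message above, as an added Python model (not part of the thread and not dhcpd code). It models the intended rule logic only, not the order in which dhcpd evaluates statements and class matches; option codes 60 and 52 are from RFC 2132, and the function names and sample option bytes are constructed for illustration.

```python
# Added example (not from the thread): first-match rule cascade over DHCP options.
# Option codes are from RFC 2132; pool addresses are the ones in the message.
VENDOR_CLASS_ID = 60   # vendor-class-identifier
OPTION_OVERLOAD = 52   # dhcp-option-overload (a single byte on the wire)
END, PAD = 255, 0

def parse_options(raw):
    """Parse a DHCP options field (after the magic cookie) into {code: value}."""
    opts, i = {}, 0
    while i < len(raw):
        code = raw[i]
        if code == END:
            break
        if code == PAD:
            i += 1
            continue
        if i + 1 >= len(raw):
            raise ValueError("truncated option header")
        length = raw[i + 1]
        value = raw[i + 2:i + 2 + length]
        if len(value) != length:
            raise ValueError(f"option {code} truncated")
        opts[code] = opts.get(code, b"") + value   # RFC 3396 concatenation
        i += 2 + length
    return opts

def kind_of(opts):
    """Ordered rules from the message; the first rule that matches wins."""
    if opts.get(VENDOR_CLASS_ID, b"")[:4] == b"MSFT":
        return 1
    if opts.get(OPTION_OVERLOAD, b"")[:4] == b"MSFT":   # 1-byte option, never 4 bytes
        return 2
    if OPTION_OVERLOAD not in opts:
        return 21
    return 0

# kind -> (class, pool address) as configured in the message; 21 has no class.
POOLS = {1: ("Crule1", "192.168.1.87"), 2: ("Crule2", "192.168.1.117"),
         0: ("Crule2A", "192.168.1.237")}

def classify(raw):
    kind = kind_of(parse_options(raw))
    return kind, POOLS.get(kind)   # None means no pool admits this client

# Constructed sample option fields (not captured traffic).
MSFT_CLIENT = bytes([53, 1, 1, 60, 8]) + b"MSFT 5.0" + bytes([255])
PLAIN_CLIENT = bytes([53, 1, 1, 255])
OVERLOAD_CLIENT = bytes([53, 1, 1, 52, 1, 1, 255])
```

With the rules as written, a client that sends neither an "MSFT" vendor class nor option 52 ends up with kind 21, for which the message configures no class or pool.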