Limit DHCP requests with iptables - problem: Router
José Queiroz
zekkerj at gmail.com
Wed Feb 9 04:07:55 UTC 2011
2011/2/8 Alex Bligh <alex at alex.org.uk>
>
>
> --On 8 February 2011 08:17:51 +0000 Simon Hobson <dhcp1 at thehobsons.co.uk>
> wrote:
>
> My understanding is that the recent module for iptables can do this. But
>> I'm not sure if it can track arbitrary parts of the packet,
>>
>
> My understanding is it can (*), and there have been various examples
> (including yours) of how to do this. I'm not quite sure why people
> are claiming iptables is only capable of examining ip and "tcp/udp"
> headers, particularly when others have provided working examples.
>
>
>From the documentation, it seems that it cannot --- "recent" only tracks
source and destination address of marked packets. The trick is only track
the right packets...
> I'd repeat that in terms of maintainability, it might be easier to
> patch dhcpd, but for a small number of hosts, it appears eminently
> feasible.
>
>
Or fix the offending client...
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.isc.org/pipermail/dhcp-users/attachments/20110209/5d981471/attachment.html>
More information about the dhcp-users
mailing list