deny booting in host statement?
perl-list
perl-list at network1.net
Wed May 7 17:49:16 UTC 2014
BTW - I was able to test this and it did work. Lines like this do function to block a mac address from getting an IP on the system:
host bad_host1 { hardware ethernet 00:11:00:11:00:11; deny booting; } # MAC address has been denied booting
----- Original Message -----
> From: "perl-list" <perl-list at network1.net>
> To: "Users of ISC DHCP" <dhcp-users at lists.isc.org>
> Sent: Friday, May 2, 2014 2:30:55 PM
> Subject: deny booting in host statement?
> I want to come up with a method to disallow certain mac addresses from
> getting an address via DHCP. deny booting seems to be the way. My reading of
> the man page appears to indicate that deny booting will work in the host { }
> declaration.
> The booting keyword
> allow booting;
> deny booting;
> ignore booting;
> The booting flag is used to tell dhcpd whether or not to respond to queries
> from a particular client. This keyword only has meaning when it appears in a
> host declaration. By default, booting is allow ed, but if it is disabled for
> a particular client, then
> that client will not be able to get an address from the DHCP server.
> So a line like this:
> host bad_client {hardware ethernet 00:03:91:BE:55:38; deny booting;}
> should cause the DHCP server to not allow the client to receive an IP
> address, correct? Has anyone done this and can confirm that it works?
> .................
> btw .. the man page says "This keyword only has meaning when it appears in a
> host declaration." for the booting keyword as shown above. I happen to know
> that it works in the global area as well. The following configuration works
> to deny clients with the matching mac prefix.
> if (binary-to-ascii(16,8,":",substring(hardware, 1, 3)) = "0:3:91") {
> deny booting;
> }
> Producing log messages like this (log message slightly altered to protect
> privacy):
> May 2 18:28:00 hostname dhcpd: DHCPDISCOVER from 00:03:91:f0:98:00 via
> 1.1.1.1: booting disallowed
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.isc.org/pipermail/dhcp-users/attachments/20140507/bdc1149b/attachment.html>
More information about the dhcp-users
mailing list