deny booting in host statement?

perl-list perl-list at network1.net
Wed May 7 17:49:16 UTC 2014 

BTW - I was able to test this and it did work. Lines like this do function to block a mac address from getting an IP on the system: 

host bad_host1 { hardware ethernet 00:11:00:11:00:11; deny booting; } # MAC address has been denied booting 

----- Original Message -----

> From: "perl-list" <perl-list at network1.net>
> To: "Users of ISC DHCP" <dhcp-users at lists.isc.org>
> Sent: Friday, May 2, 2014 2:30:55 PM
> Subject: deny booting in host statement?

> I want to come up with a method to disallow certain mac addresses from
> getting an address via DHCP. deny booting seems to be the way. My reading of
> the man page appears to indicate that deny booting will work in the host { }
> declaration.

> The booting keyword

> allow booting;

> deny booting;

> ignore booting;

> The booting flag is used to tell dhcpd whether or not to respond to queries
> from a particular client. This keyword only has meaning when it appears in a
> host declaration. By default, booting is allow ed, but if it is disabled for
> a particular client, then

> that client will not be able to get an address from the DHCP server.

> So a line like this:

> host bad_client {hardware ethernet 00:03:91:BE:55:38; deny booting;}

> should cause the DHCP server to not allow the client to receive an IP
> address, correct? Has anyone done this and can confirm that it works?

> .................

> btw .. the man page says "This keyword only has meaning when it appears in a
> host declaration." for the booting keyword as shown above. I happen to know
> that it works in the global area as well. The following configuration works
> to deny clients with the matching mac prefix.

> if (binary-to-ascii(16,8,":",substring(hardware, 1, 3)) = "0:3:91") {
> deny booting;
> }

> Producing log messages like this (log message slightly altered to protect
> privacy):

> May 2 18:28:00 hostname dhcpd: DHCPDISCOVER from 00:03:91:f0:98:00 via
> 1.1.1.1: booting disallowed
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.isc.org/pipermail/dhcp-users/attachments/20140507/bdc1149b/attachment.html>

More information about the dhcp-users mailing list