prevent logging of dhcp requests from some clients

Olaf Hering olh at suse.de
Sun May 21 07:37:09 UTC 2006


At SuSE there is one dhcp server for all hosts. "Noone" can tweak the
config. A tool exists to teach this server about some ethernet hardware
addresses that it should ignore. 
This is required for systems that expect the TFTP and BOOTP server on
the same system. Another dhcp server exists that serves only those
systems, it ignores requests from all other hosts. Everything is working ok.

One thing that bothers me is that there are some (unknown) systems on the
network that constantly send out DHCPDISCOVER requests. They fill the log
of the second dhcp/tftp server. How do I teach dhcpd to ignore these requests?


dhcpd: DHCPDISCOVER from 08:00:0b:1e:13:8e via eth3: network 10.10.0/16: no free leases


After reading the dhcpd.conf man page, there is appearently no option to
ignore a specifc hardware address. I tried this, but it does not work:

group {
        host 08000b1e138e { hardware ethernet 08:00:0b:1e:13:8e; }
        deny booting;
}

group {
        host shit { hardware ethernet 08:00:0b:1e:13:8e; }
        deny unknown-clients;
}

iptables doesnt help either, dhcpd appearently listens "below" that
filter:

iptables -A INPUT -m mac --mac-source 08:00:0b:1e:13:8e -j DROP


I'm using DHCP Server V3.0.1rc13.
Any idea how to get rid of the syslog messages for 08:00:0b:1e:13:8e
(and others)?


More information about the dhcp-users mailing list