Configure dhclient to check value of DHCP options
Abd4llA
abd4lla at ahmedabdalla.net
Tue Jul 21 13:22:57 UTC 2009
Hi,
I was facing the same situation in my company last week, so I had to create
the attached patch for dhcp-4.1.0p1.
The patch allows you to specify in the dhclient.conf to require a specific
option be sent with a specific value.
The require statement is as follows:
require [<option_name> , ] [option <option_name> <value> , ] .... ;
so for example:
require option vendor-encapsulated-options "ISC";
or
require time-offset, option vendor-encapsulated-options "ISC";
I'm gonna post this patch to the dhcp-hackers mailing list.
On Tue, Jul 21, 2009 at 10:22 AM, Sten Carlsen <stenc at s-carlsen.dk> wrote:
> How about using a number of uncommon options? It would be strange that
> "some" other server could give out a number of unusual options.
>
> You could even define your very own option that nobody else would know
> about.
>
> I can't tell you how but somebody else will be able to.
>
>
> Jon Smaller wrote:
> > Hi Alan,
> >
> > That approach would work but would involve having firewall rules on
> > each of the boxes ... And for different installations of our
> > monitoring solution, the main DHCP server would have different ip
> > addresses, thus increasing the configuration complexity of the
> > individual boxes (I intend to have a large number of these monitoring
> > boxes in the field).
> >
> > Also were the IP/NIC of the main server to change, then we would have
> > to manually reconfigure the firewall rules on each of these boxes,
> > which could number in the hundreds.
> >
> > Jon
> >
> >
> >
> > On 20/07/2009, at 6:58 PM, A.L.M.Buxey at lboro.ac.uk wrote:
> >
> >> Hi,
> >>
> >> you know your servers - their IP and MAC addresses - so just stick
> >> a host-based firewall (eg iptables for linux) onto your box
> >> and configure it to only allow DHCP to pass through from your
> >> boxes?
> >>
> >> alan
> >> _______________________________________________
> >> dhcp-users mailing list
> >> dhcp-users at lists.isc.org
> >> https://lists.isc.org/mailman/listinfo/dhcp-users
> > _______________________________________________
> > dhcp-users mailing list
> > dhcp-users at lists.isc.org
> > https://lists.isc.org/mailman/listinfo/dhcp-users
>
> --
> Best regards
>
> Sten Carlsen
>
> No improvements come from shouting:
>
> "MALE BOVINE MANURE!!!"
>
> _______________________________________________
> dhcp-users mailing list
> dhcp-users at lists.isc.org
> https://lists.isc.org/mailman/listinfo/dhcp-users
>
--
Ahmed Abdalla
Software Engineer
Sun Team.
Thebe Technology. Egypt - Belgium
16 Nehro St. Heliopolis. Cairo
Egypt.
http://www.sun.com/software/q-layer/
http://www.thebetechnology.com
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.isc.org/pipermail/dhcp-users/attachments/20090721/bbbb661b/attachment.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: dhcp-4.1.0p1-BO-210709.patch
Type: text/x-patch
Size: 12435 bytes
Desc: not available
URL: <https://lists.isc.org/pipermail/dhcp-users/attachments/20090721/bbbb661b/attachment.bin>
More information about the dhcp-users
mailing list