Access Control

Glenn Satchell Glenn.Satchell at
Wed Nov 18 15:01:53 UTC 2009

>From: donovan jeffrey j <donovan at>
>To: Users of ISC DHCP <dhcp-users at>
>Subject: Access Control 
>Date: Wed, 18 Nov 2009 09:00:19 -0500
>X-BeenThere: dhcp-users at
>how do I setup access control in dhcpd? I have a MAC address that I  
>want to deny lease to. I'm not sure how to specify the deny statement.
># mysubnet
>subnet netmask {
>option routers
>option domain-name "";
>option domain-name-server "";
>somewhere in here I need to Deny lease to 00:00:00:12:34:5f
>any insight would be helpful

host "bad_host" {
	hardware ethernet 00:00:00:12:34:5f;
	ignore booting;

You can use "deny booting" and dhcpd will log a message each time.

Remember though, that the user could bypass dhcp and manually configure
a valid IP address and get full access. dhcp is not a security


More information about the dhcp-users mailing list