To add some filter rules in conf file
hashmat.email at gmail.com
Mon Oct 19 15:56:08 UTC 2009
Here's as example:
rule 1 type dhcp-option
rule 1 dhcp-option 60
rule 1 match-str "*VIP*"
rule 1 match-action discard
rule 1 absent-action continue
rule 2 type dhcp-option
rule 2 dhcp-option 60
rule 2 match-str "*"
rule 2 match-action pass
rule 2 match-pool 192.168.1.100
rule 2 match-option-group ""
rule 2 absent-action continue
On Mon, Oct 19, 2009 at 9:07 PM, Ashmath Khan <hashmat.email at gmail.com>wrote:
> Also from dhcpd.conf:
> If both permit and deny lists exist for a pool,
> then only clients that match the permit list and do not match the deny
> list will be allowed access.
> So it says we can mix allow and deny statements.
> On Mon, Oct 19, 2009 at 6:28 PM, Ashmath Khan <hashmat.email at gmail.com>wrote:
>> First off - please fix your mailer - it's isn't quoting material very
>>> clearly. Also, please stop crossposting to dhcp-users at isc.org which is
>>> an old list address and merely forwards to dhcp-users at lists.isc.org(making duplicate messages as it goes).
>> ok thanks.
>>> No idea about the code - you'll have to grab the source and take a look.
>>> Just be aware before you start that there are some very subtle nuances with
>>> DHCP that are easy to fall foul of.
>>> I do have one last idea, though if it will work or not I don't know. If
>>> you check "man dhcp-eval" you'll find there is an "if ... elseif ... else"
>>> mechanism. I could see the possibility of using this to set a variable to
>>> say how far a client matched your sequential list of tests - so you could
>>> drop out the test with a variable set to "r1", "r2" etc. Then configure your
>>> classes with match if <somevariable> = "r1" and so on.
>> Sorry, I can't make out much from this.
>>> Finally - what are you actually trying to achieve ?
>>> Let me point you to the initial post I sent to this list:
>> Basically I want to filter clients based on some rules and the actions
>> would be to either assign some pools to them or ignore those clients. If a
>> rule is met I don't evaluate further rules. Hope its clear now!
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the dhcp-users