To add some filter rules in conf file

Ashmath Khan at
Tue Oct 20 18:08:12 UTC 2009

On Tue, Oct 20, 2009 at 11:24 PM, Bruce Hudson <Bruce.Hudson at> wrote:

> > Its NOT if it doesn't match any class, ignore the client. Its for some
> > match, ignore the client. Its bit tricky here. This would be possible use
> > variables but it doesn't work. thanks.
>     You can assign every client membership in exactly one class of your
> set of class according to any combination of conditions. That is step
> one. Step two maps the classes to your pools. If none of your pools has
> a permit for a given class, the members of that class are essentially
> ignored. You can also do this explicitly by including the "ignore booting"
> directive in the class definition.
> Thanks Bruce. This is a bit tricky as I mentioned before. Consider this:

I want to drop clients if its option 60 has the string "VIP".
so I have a class:
class "VIP" { match if substring(option 60, 0,3) = "VIP"; }
later I have other classes... etc
then I have the pool:
pool {
.... dummy..
deny members of "VIP";
later other pools etc.

Now, suppose, there is incoming packet from client which has option 60 and
string "VIP". It doesn't match the first pool. But there is a chance that it
could match other pools and that pool is assigned, there is no break or exit

   If you are having trouble working this out, you may want to build a
> test version of the server. Look at the debugging options in "site.h":
ok. thanks. Let me check this. Do you also know where is the log info stored
if I run with -f -q -d option ?
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <>

More information about the dhcp-users mailing list