Prohibition of the Internet
syhshanda
syhshanda at 126.com
Wed Jan 13 11:32:02 UTC 2010
Hi,
The following is my situation:
I have a pool of IP in my dhcpd.conf file, but a rogue user manually configures his device
occasionally,sometimes he configure the right IP which in my dhcpd.conf file.So he can access Internet normally,but in my dhcpd.leases has not his record, in addition to bring some trouble to manage the lan for me. Thus, I want to prohibition he from accessing the Internet. Now, It sounds like the I cannot do this by dhcpd. Thanks for you help.
regards,
Bob
在2010-01-13?15:59:40,"Simon?Hobson"?<dhcp1 at thehobsons.co.uk>?写道:
>syhshanda?wrote:
>
>>Does?dhcpd?can?send?a?DHCPNAK?to?tell?the?client?it?should?stop?
>>using?the?address?actively?
>
>It?can?only?send?a?NAK?if?the?client?comes?along?with?a?DHCP?Request?
>message.?Since?the?client?won't?have?an?offer?with?an?address?to?
>request?(if?you've?followed?our?directions?and?blocked?the?dhcp?
>server?from?giving?one)?then?this?won't?happen.
>
>If?someone?manually?configures?a?device,?then?the?DHCP?server?is?
>**NOT**?involved?in?any?way?at?all?-?and?sending?NAKs?will?not?have?
>any?effect?on?the?client?as?it?won't?be?listening?for?them.
>
>As?you've?alreadu?been?told,?you?**CANNOT**?enforce?network?security?
>with?DHCP?(at?least?not?DHCP?alone).?If?you?have?a?device?to?exclude?
>from?your?network?then?you?**WILL**?need?some?other?security?
>mechanism?to?do?that.
>
>BTW?-?you?haven't?given?any?clues?about?the ssituation,?but?in?most?
>cases,?the?best?security?measures?often?aren't?technical?but?social?-?
>have?you?actually?tried?talking?to?the?user(s)?assuming?this?is?a?
>problem?with?one?rogue?user?attaching?devices?to?the?network??
>
>>How?to?configure?DHCP?to?_NOT_?give?a?device?an?address?
>
>That's?exactly?what?you've?just?been?told?!
>
>--?
>Simon?Hobson
>
>WANTED:?"Software?CD?ROM?Kit"?for?Canon?CLBP?360-PS?printer?(Canon?
>part?no?RH6-3612,?or?possibly?RH6-3810,?or?RH6-3610?might?do).?I've?a?
>dead?HD?and?need?this?CD?so?I?can?replace?the?disk?and?re-install?the?
>printer?OS?on?it.?If?anyone?knows?where?I?might?get?hold?of?one?I'd?
>be?grateful?-?requests?to?Canon?drew?a?blank,?it's?been?out?of?
>support?for?years.
>
>Visit?http://www.magpiesnestpublishing.co.uk/?for?books?by?acclaimed
>author?Gladys?Hobson.?Novels?-?poetry?-?short?stories?-?ideal?as
>Christmas?stocking?fillers.?Some?available?as?e-books.
>_______________________________________________
>dhcp-users?mailing?list
>dhcp-users at lists.isc.org
>https://lists.isc.org/mailman/listinfo/dhcp-users
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.isc.org/pipermail/dhcp-users/attachments/20100113/5323f18a/attachment.html>
More information about the dhcp-users
mailing list