Limit DHCP requests with iptables - problem: Router

Jürgen Dietl juergen.dietl at
Mon Feb 7 09:52:58 UTC 2011


In the last weeks I asked how to limit DHCP requests on an ISC bind DHCP server.
There were about 500.000 requests from a crazy printer. I got many answers
and thank you for this. One of the solutions that I am most interested in was
to limit the traffic with iptables. I did not know how many features the
"old ipchains" got with that new name - iptables.

So yes, there is an option to limit a special protocol and a special port coming
from a MAC/IP address. My problem is that the requests are all coming from a
router which works as ip-helper. So the MAC address for the request packet
is the MAC address from the router. The "real" MAC address from the PC is
only in the DHCP header.

My question:

Is there a possibility in iptables to read the DHCP header for the MAC
address and put THIS MAC address in the rule for traffic limitation?

Thanks a lot for all your help,
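
The relay situation described in the message above, as an added Python example that is not part of the original post: it parses the BOOTP header of a relayed request, takes the client MAC from `chaddr` (offset 28 of the UDP payload) instead of the Ethernet source address, and rate-limits per `chaddr`. The MAC and relay addresses, `ChaddrLimiter` and `make_request` are constructed for illustration.

```python
import struct
from collections import defaultdict, deque

BOOTP_FIXED_LEN = 236  # fixed BOOTP header before the options field (RFC 2131)

def parse_bootp(payload: bytes) -> dict:
    """Extract the fields that identify the real client from a DHCP UDP payload."""
    if len(payload) < BOOTP_FIXED_LEN:
        raise ValueError("truncated BOOTP header")
    op, htype, hlen, hops = struct.unpack_from("!BBBB", payload, 0)
    if htype != 1 or hlen != 6:
        raise ValueError("not an Ethernet client hardware address")
    giaddr = ".".join(str(b) for b in payload[24:28])   # relay (ip-helper) address
    chaddr = payload[28:28 + hlen].hex(":")              # client MAC, filled in by the client
    return {"op": op, "hops": hops, "giaddr": giaddr, "chaddr": chaddr}

class ChaddrLimiter:
    """Allow at most `limit` requests per client MAC in any `window` seconds."""
    def __init__(self, limit: int, window: float):
        self.limit, self.window = limit, window
        self.seen = defaultdict(deque)        # chaddr -> timestamps of accepted requests

    def allow(self, payload: bytes, now: float) -> bool:
        try:
            chaddr = parse_bootp(payload)["chaddr"]
        except ValueError:
            return False                      # malformed packet: drop
        q = self.seen[chaddr]
        while q and now - q[0] >= self.window:
            q.popleft()                       # forget requests outside the window
        if len(q) >= self.limit:
            return False
        q.append(now)
        return True

def make_request(chaddr: str, giaddr: str, xid: int) -> bytes:
    """Build a constructed BOOTREQUEST as a relay would forward it (sample data)."""
    mac = bytes.fromhex(chaddr.replace(":", ""))
    gi = bytes(int(x) for x in giaddr.split("."))
    head = struct.pack("!BBBBIHH", 1, 1, 6, 1, xid, 0, 0)   # op, htype, hlen, hops, xid, secs, flags
    addrs = bytes(12) + gi                                     # ciaddr, yiaddr, siaddr, giaddr
    return head + addrs + mac.ljust(16, b"\0") + bytes(192)   # chaddr + sname + file

if __name__ == "__main__":
    printer = make_request("00:11:22:33:44:55", "192.0.2.1", 1)  # constructed values
    pc = make_request("66:77:88:99:aa:bb", "192.0.2.1", 2)       # same relay, other client
    lim = ChaddrLimiter(limit=3, window=10.0)
    print([lim.allow(printer, t) for t in (0, 1, 2, 3, 4)], lim.allow(pc, 4))
```

This runs in userspace, not in netfilter; in iptables, bytes at a fixed packet offset such as `chaddr` can be matched with the `u32` match module. `chaddr` is supplied by the client, so limiting on it contains a misbehaving device but not one that varies its address.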

More information about the dhcp-users mailing list