deny booting in host statement?
perl-list
perl-list at network1.net
Fri May 2 18:30:55 UTC 2014
I want to come up with a method to disallow certain mac addresses from getting an address via DHCP. deny booting seems to be the way. My reading of the man page appears to indicate that deny booting will work in the host { } declaration.
The booting keyword
allow booting;
deny booting;
ignore booting;
The booting flag is used to tell dhcpd whether or not to respond to queries from a particular client. This keyword only has meaning when it appears in a host declaration. By default, booting is allow ed, but if it is disabled for a particular client, then
that client will not be able to get an address from the DHCP server.
So a line like this:
host bad_client {hardware ethernet 00:03:91:BE:55:38; deny booting;}
should cause the DHCP server to not allow the client to receive an IP address, correct? Has anyone done this and can confirm that it works?
.................
btw .. the man page says "This keyword only has meaning when it appears in a host declaration." for the booting keyword as shown above. I happen to know that it works in the global area as well. The following configuration works to deny clients with the matching mac prefix.
if (binary-to-ascii(16,8,":",substring(hardware, 1, 3)) = "0:3:91") {
deny booting;
}
Producing log messages like this (log message slightly altered to protect privacy):
May 2 18:28:00 hostname dhcpd: DHCPDISCOVER from 00:03:91:f0:98:00 via 1.1.1.1: booting disallowed
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.isc.org/pipermail/dhcp-users/attachments/20140502/151bc0cf/attachment.html>
More information about the dhcp-users
mailing list