How blocks clients (from internet)
Ben Humpert
ben at an3k.de
Fri Mar 20 12:41:17 UTC 2015
2015-03-20 13:04 GMT+01:00 Pol Hallen <dhcpml at fuckaround.org>:
> Hi all :-)
>
> I've this config. "option routers" is commented (and also ip-forwarding is
> to off), my mobiles instead can connect to internet. How I permanently
> blocks all mobiles from internet?). If a client known IP of routers can
> use static IP and add also IP of routers to goes to internet. What's the
> best way?
> Thanks for help!
You can't do that with DHCP. You'll have to add a firewall rule
(iptables for example). The easiest solution might be placing the
mobile users into their own subnet and block all LAN <-> WAN traffic
for that subnet. If you are already working with VLAN you could
disallow the mobile users VLAN to talk to the router (and vice-versa)
but the effort for implementing VLAN just for blocking internet
traffic is not worth it.
More information about the dhcp-users
mailing list