Chris I wrote:
> Hi.
>
> I, and many others at my school are having a problem with (at least)
> one person running a DHCP server on their laptops. People often get
> invalid addresses due to this and cannot (easily) access network
> resources. It's so far been fairly hard to track down this individual,
> so we can't disable the server.
>
> Short of trying harder to find him and kicking him in the shins, can
> anybody think of a way to block dhcp servers, or to specify which is
> allowed to be used. I've tried ip and mac filtering in iptables, but it
> doesn't seem to be effective.

Below is a snip from the FIRE|GATE IPTABLES Script if you wish to only allow DHCP address from a certain server.

For finding the rogue server I would suggest placing a sniffer or two in a couple key areas of the network and see if you can collect the offending machine's MAC. Or get IPTABLES to log the attempted delivery of the rogue DHCP addy and collect the MAC. From that see if you can find a way to block that person's machine from getting a valid IP from you >:-). Once the user starts complaining about not getting an address then politely ask for HIS/HER MAC address. While the user is gone, call your other admin buddies to help you throw a sock party for this ingrate once he/she is proven guilty.

<snip>
# Program Name = FIRE|GATE
# Copyright 2002 Jeff Bonner ([EMAIL PROTECTED])

DHCP="66.23.193.69"                 # DHCP server(s) to allow

### ALLOW DHCP LEASE & RENEWAL -----------------------------------------------
#
# If running a DHCP server internally, you may need different/additional
# rules here.
#
for d in $DHCP; do
    $IPT -A INPUT -p udp -s $d --sport 67 -d 0/0 --dport 68 -j ACCEPT
done
</snip>

I hope this helps,
James
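
The two suggestions in the reply above (accept DHCP only from the listed server, and have iptables log other offers so the sender's MAC can be collected), written out as an added example that is not part of the original post or of FIRE|GATE. The INPUT chain, the log prefix and every address are assumptions, and the log lines are constructed.

```shell
#!/bin/sh
# Added example, not FIRE|GATE code. Assumed: INPUT chain, the log prefix,
# and every address below (all constructed).
DHCP="192.0.2.10"        # permitted DHCP server(s), space separated
IPT="echo iptables"      # dry run: prints the rules; set to "iptables" to apply

# Accept server-to-client DHCP only from $DHCP; log the rest (rate limited,
# the LOG line carries the sender's MAC), then drop it.
dhcp_rules() {
    for d in $DHCP; do
        $IPT -A INPUT -p udp -s "$d" --sport 67 --dport 68 -j ACCEPT
    done
    $IPT -A INPUT -p udp --sport 67 --dport 68 -m limit --limit 6/min \
         -j LOG --log-prefix "ROGUE-DHCP: "
    $IPT -A INPUT -p udp --sport 67 --dport 68 -j DROP
}

# Kernel log on stdin -> "count src_mac src_ip" per unapproved sender.
# MAC= is dst MAC (6 bytes) : src MAC (6 bytes) : ethertype (2 bytes).
rogue_senders() {
    awk '/ROGUE-DHCP: / {
        mac = ""; ip = ""
        for (i = 1; i <= NF; i++) {
            if ($i ~ /^MAC=/) mac = substr($i, 23, 17)   # skip "MAC=" + dst MAC + ":"
            if ($i ~ /^SRC=/) ip = substr($i, 5)
        }
        if (mac != "") seen[mac " " ip]++
    }
    END { for (k in seen) print seen[k], k }' | sort -rn
}

# Constructed sample log lines.
sample_log() {
    cat <<'EOF'
Mar  3 10:15:02 gw kernel: ROGUE-DHCP: IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:02:00:00:aa:bb:01:08:00 SRC=192.0.2.66 DST=255.255.255.255 LEN=328 PROTO=UDP SPT=67 DPT=68 LEN=308
Mar  3 10:15:09 gw kernel: eth0: link up
Mar  3 10:16:41 gw kernel: ROGUE-DHCP: IN=eth0 OUT= MAC=02:00:00:00:00:10:02:00:00:aa:bb:01:08:00 SRC=192.0.2.66 DST=192.0.2.120 LEN=328 PROTO=UDP SPT=67 DPT=68 LEN=308
Mar  3 10:20:13 gw kernel: ROGUE-DHCP: IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:02:00:00:cc:dd:02:08:00 SRC=198.51.100.1 DST=255.255.255.255 LEN=328 PROTO=UDP SPT=67 DPT=68 LEN=308
EOF
}

dhcp_rules
sample_log | rogue_senders
```

DHCP clients that read frames from a packet socket (ISC dhclient does) see the offer before netfilter handles it, so the DROP rule may not stop a bad lease on the filtering host itself. The LOG rule still fires, so the sender's MAC is recorded either way.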
