Re: [LUG] Refusing connections with DHCP

Fri, 17 Jun 2005 02:50:29 -0700


Why don't you simply deny the DHCP packets from that MAC address in the firewall.

But what happens when they catch on and assign themselves an IP address manually? wouldn't it be better so simply put an access list that denies on the gateway router or on the LAN switch?

Regards

CN


Lule George William <[EMAIL PROTECTED]>
Sent by: [EMAIL PROTECTED]

06/17/2005 12:23 PM

Please respond to
[EMAIL PROTECTED]; Please respond to
Linux Users Group Uganda <[email protected]>
To
[EMAIL PROTECTED]
cc
Linux Users Group Uganda <[email protected]>
Subject
Re: [LUG] Refusing connections with DHCP





Thanks Ernest,
Correct me if my interpretation of the conf below is wrong, but I think it
declares hosts 1, 2 ...(to whichever number I may feel like) along with their
MAC addresses after which it allows them to pick RANDOM ip addresses from a
pool.
This will not work in my case because it is hosts with known MAC addresses
that have their ip addresses fixed and any other to pick a random ip address
from a pool.
My problem now is that I want to be ban some MAC addresses from picking an IP
address completely!

On Friday 17 June 2005 11:59, Ernest Byaruhanga wrote:
> Lule George William wrote the following on 06/17/2005 10:30 AM:
>
> [...]
>
> > 2. Don't assign an IP address to that MAC address. I haven't
> > figured a way of doing this. Someone help out there.
>
> Assume u use linux, here's what your dhcp.conf file will contain:
>
>         # First deny unknown clients
>         deny unknown clients
>
>                  #declare all MAC addresses you want to lease to:
>                  host pc1 { hardware ethernet 00:07:72:3j:c6:a2;}
>                  host pc2 { hardware ethernet 00:02:60:65:ee:d4;}
>
>                  pool {
>                                   range 10.0.0.1 10.0.0.6;
>                                   default-lease-time 6788;
>                                   max-lease-time 78887;
>                                   deny unknown clients;
>                  }
>
> rgds.
> ernest

--
************************************************************************
Lule George William (Mr)
Network and Systems Administrator
Uganda Martyrs University, Nkozi
P.O. Box 5498 Kampala
Uganda
/* The only reason some people are alive is because it is illegal to shoot
them */
_______________________________________________
LUG mailing list
[email protected]
http://kym.net/mailman/listinfo/lug
%LUG is generously hosted by INFOCOM http://www.infocom.co.ug/
 
_______________________________________________
LUG mailing list
[email protected]
http://kym.net/mailman/listinfo/lug
%LUG is generously hosted by INFOCOM http://www.infocom.co.ug/

Reply via email to