LinuxQuestions.org
Support LQ: Use code LQ3 and save $3 on Domain Registration
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Networking
User Name
Password
Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.

Notices

Reply
 
Search this Thread
Old 01-23-2004, 05:14 PM   #1
nmayotte
Member
 
Registered: Jan 2004
Location: Minnesota
Distribution: SuSE 8.0-9.0
Posts: 37

Rep: Reputation: 15
dhcpd.conf question


I'm trying to restrict my dhcp server to only allow known machines by their mac addresses. I'm using dhcpd (ISC). My question is, when I put an entry for each client I want to allow does the name after host have to be the accual hostname of the client computer, or is it just a name that the dhcpd server uses to refer to each mac address?
 
Old 01-26-2004, 08:50 AM   #2
peter_robb
Senior Member
 
Registered: Feb 2002
Location: Szczecin, Poland
Distribution: Gentoo, Debian
Posts: 2,458

Rep: Reputation: 47
It's just the name used internally.
(It can be used to populate a dns structure later, but that's a different programme..)

dhcpd doesn't know about Micro$oft...
 
Old 01-26-2004, 07:59 PM   #3
nmayotte
Member
 
Registered: Jan 2004
Location: Minnesota
Distribution: SuSE 8.0-9.0
Posts: 37

Original Poster
Rep: Reputation: 15
thanks for the reply. Now I have another problem, I'm trying to restrict dhcpd so it only gives out ips to known computers (by mac address). here is my dhcpd.conf file:

subnet 134.84.86.0 netmask 255.255.255.0 {
# range 134.84.86.200 134.84.86.239;
option routers 134.84.86.254;

# pool{
option domain-name "stat.umn.edu";
option domain-name-servers 128.101.101.101;
range 134.84.86.200 134.84.86.239;

default-lease-time 600;
max-lease-time 7200;
# }
}

ddns-update-style none;
deny unknown clients;

authoritative;
log-facility local7;

host lab1 { hardware ethernet xx:xx:xx:xx:xx:xx; }
host antler { hardware ethernet xx:xx:xx:xx:xx:xx; }


when I try to start dhcpd it complains about the line "deny unknown clients". I tried moving that inside (and uncommenting) the pool and putting it before the subnet but nothing seems to work. Does anyone have any ideas?
 
Old 03-18-2004, 04:46 PM   #4
retiem
Member
 
Registered: Jul 2003
Location: Frankfurt, Germany
Distribution: Mint, Ubuntu, Knoppix, RHEL
Posts: 65

Rep: Reputation: 15
Yes, move the line Ędeny unknown clients;" inside the pool....

BUT you are forgetting a } sign! You have the one that ends your pool declaration, but you need one more to end your subnet declaration...
 
Old 03-18-2004, 05:24 PM   #5
jerky
Member
 
Registered: Jul 2003
Distribution: RH 7.3 , RH9,RHEL,FC
Posts: 38

Rep: Reputation: 15
iptables

You could always allow the mac addresses to your port 67/68 with iptables. and deny all others. There is an option in iptables to filter by mac address.

iptables -A INPUT -p tcp --dport 67:68 -m mac --mac-source 00:60:08:91:CC:B7 -j ACCEPT
iptables -A INPUT -p tcp --dport 67:68 -j DROP

of course list all wanted mac addresses before the -j DROP
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
dhcpd subnet declaration problems in dhcpd.conf vcrispo Linux - Networking 6 07-15-2005 11:32 AM
not getting /etc/dhcpd.conf sixth_sense Linux - General 12 04-09-2004 07:15 PM
dhcpd.conf question dlm4444 Linux - Networking 0 02-21-2004 05:16 PM
dhcp.conf or dhcpd.conf? rogerbennett Linux - Networking 3 09-03-2003 01:25 PM
dhcpd.master or dhcpd.conf rickg Linux - Networking 0 04-11-2002 04:34 PM


All times are GMT -5. The time now is 12:59 PM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration