LinuxQuestions.org
Download your favorite Linux distribution at LQ ISO.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices


Reply
  Search this Thread
Old 01-14-2008, 05:35 AM   #1
hohohann
LQ Newbie
 
Registered: Jan 2008
Posts: 4

Rep: Reputation: 0
Blocking IP range


Hi there,

The firewall in my office is running on Linux Redhat.
Every workstations' IP address is being assigned by the firewall using DHCP. I want to block/reserve a range of 20 IP addresses from 10.10.10.10 to 10.10.10.30 for future use.
In future, i want to allocate static IP from the mentioned range to certain new workstation.
How do i go about it?

Thanks.
 
Old 01-14-2008, 06:03 AM   #2
odcheck
Member
 
Registered: Aug 2006
Distribution: Fedora, CentOS, RHEL, Debian
Posts: 978

Rep: Reputation: 30
no sweat
just edit your /etc/dhcpd.conf
there you can specify this range not to be served.
 
Old 01-14-2008, 06:05 AM   #3
Jirka11
LQ Newbie
 
Registered: Jan 2008
Posts: 24

Rep: Reputation: 15
Quote:
Originally Posted by hohohann View Post
Hi there,

The firewall in my office is running on Linux Redhat.
Every workstations' IP address is being assigned by the firewall using DHCP. I want to block/reserve a range of 20 IP addresses from 10.10.10.10 to 10.10.10.30 for future use.
In future, i want to allocate static IP from the mentioned range to certain new workstation.
How do i go about it?

Thanks.
In your /etc/dhcpd.conf you should use
range 10.10.10.1 10.10.10.9
range 10.10.10.31 10.10.10.254

or directly reserv some IP addresses by:

host some-printer {
hardware ethernet 08:00:2b:4c:59:23;
fixed-address 10.10.10.10;
}
....
....

_____________________________________________
http://www.nmonitoring.com
 
Old 01-14-2008, 08:27 AM   #4
hohohann
LQ Newbie
 
Registered: Jan 2008
Posts: 4

Original Poster
Rep: Reputation: 0
Quote:
Originally Posted by odcheck View Post
no sweat
just edit your /etc/dhcpd.conf
there you can specify this range not to be served.
What are the commands like to specify the range not to be served?
thanks in advance.
 
Old 01-14-2008, 08:33 AM   #5
Emerson
LQ Guru
 
Registered: Nov 2004
Location: Saint Amant, Acadiana
Distribution: Gentoo ~arch
Posts: 5,895

Rep: Reputation: Disabled
First - see man pages
Second - Google
Still stuck? Ask your questions here.

http://linux.die.net/man/5/dhcpd.conf
 
Old 01-14-2008, 06:59 PM   #6
hohohann
LQ Newbie
 
Registered: Jan 2008
Posts: 4

Original Poster
Rep: Reputation: 0
Quote:
Originally Posted by Jirka11 View Post

host some-printer {
hardware ethernet 08:00:2b:4c:59:23;
fixed-address 10.10.10.10;
}

How do i determine the hostname of that particular hardware (printer, computer....) ?
 
Old 01-15-2008, 02:31 AM   #7
odcheck
Member
 
Registered: Aug 2006
Distribution: Fedora, CentOS, RHEL, Debian
Posts: 978

Rep: Reputation: 30
@hohohann

no problem just post me your /etc/dhcpd.conf
but please use (["code"] and paste [/code"])

or the otherway around

Code:
next-server             192.168.1.100;
option root-path        "192.168.1.100:/opt/ltsp/i386";

subnet 192.168.1.0 netmask 255.255.255.0 {            <---Here just shrink the iprange
    range   192.168.1.100   192.168.1.199;
    if substring (option vendor-class-identifier, 0, 9) = "PXEClient" {
        filename "/lts/2.6.16.1-ltsp-2/pxelinux.0";
    }
    else{
        filename "/lts/vmlinuz-2.6.16.1-ltsp-2";
    }
}
#
# If you need to pass parameters on the kernel command line, you can
# do it with option-129.  In order for Etherboot to look at option-129,
# you MUST have option-128 set to a specific value.  The value is a
# special Etherboot signature of 'e4:45:74:68:00:00'.
#
# Add these two lines to the host entry that needs kernel parameters
#
#        option option-128     e4:45:74:68:00:00;       # NOT a mac address
#        option option-129     "NIC=ne IO=0x300";

Last edited by odcheck; 01-15-2008 at 02:34 AM.
 
Old 01-16-2008, 12:47 AM   #8
hohohann
LQ Newbie
 
Registered: Jan 2008
Posts: 4

Original Poster
Rep: Reputation: 0
@odcheck

Let say i want to reserve a range of IP (10.10.10.150 t0 10.10.10.180) not to be distributed by DHCP. Can i do as follow:

Code:
# Sample /etc/dhcpd.conf
# (add your comments here)
ddns-update-style interim;
ignore client-updates;
subnet 10.10.10.0 netmask 255.255.255.0 { 
range 10.10.10.10 10.10.10.149; 
range 10.10.10.181 10.10.10.254;
default-lease-time 86400; 
max-lease-time 86400; 
option subnet-mask 255.255.255.0; 
option broadcast-address 10.10.10.255; 
option routers 10.10.10.1; 
option domain-name-servers 10.10.10.1, 202.75.129.101, 202.75.129.102, 210.19.58.2; 
option netbios-name-servers 10.3.4.3; 
option domain-name "abc.com"; option ip-forwarding off; 
option netbios-node-type 2;

	host SIEB_DB_MON {
		hardware ethernet 00:10:b5:cc:b1:1f;
		fixed-address 10.10.10.2;
	}
}

Last edited by hohohann; 01-16-2008 at 12:52 AM.
 
Old 01-16-2008, 07:17 AM   #9
akthktd
LQ Newbie
 
Registered: Jul 2007
Posts: 1

Rep: Reputation: 0
please help

How can I unblock sites in my college ?

We are using RedHat.

I want to log on to orkut.com









thanks
 
Old 01-16-2008, 11:43 PM   #10
odcheck
Member
 
Registered: Aug 2006
Distribution: Fedora, CentOS, RHEL, Debian
Posts: 978

Rep: Reputation: 30
@hohohann that should do the Trick :-)

and @akthktd how nice :-) then do it
this has nothing to do with this Thread, please open a new one.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
iptables help please with blocking range of IPs lleb Linux - Software 7 02-26-2007 10:09 AM
How to see used IP-s from a range mrn Linux - Networking 2 11-06-2006 05:37 PM
Blocking IP Range basketkase999 Linux - Security 2 03-12-2005 12:23 PM
Out of range peterx1 Red Hat 1 09-17-2004 11:23 AM
out of range... andy010 Red Hat 5 11-19-2003 07:06 PM


All times are GMT -5. The time now is 06:22 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration