On Thursday 11 September 2003 15:40, Brent Herring wrote:
> I would like to restrict DHCP services by workstation MAC address. I
> would like for dhcpd to only respond to workstations with a known
> MAC address.
>
> I used iptables rules to ACCEPT requests to the DHCP server only from
> the known MAC address(es) and this works fine for workstations on the
> same subnet as the DHCP server. However, when I expand the service to
> multiple subnets across a router the DHCP request packet comes
> through with the MAC address of the router port so my iptables rule
> does not stop it.
>
> Obviously, dhcpd knows the workstation MAC address, but I don't know
> how I can get/use the information to accomplish what I want. Is it
> possible to do what I am trying to do?
>
> In case you're wondering, the reason I'm trying to do this is to
> prevent people from bringing their virus-infected laptops onto campus
> and having them start broadcasting all over our nice clean network.
>
> D. Brent Herring
> Computer Services
> University of Central Arkansas

With features like zeroconf running nowadays on both Windows and Linux
I'm not sure what restricting IP address assignments would do, as the
machine would still have a self-assigned IP to use unless you filter
out that range on all your networks too.

If you have late-revision RH boxes on your network you'll also want to
check this, since it seems, by default, to assign the zeroconf
addresses to its interfaces.

Regards,  Mike Klinke


-- 
redhat-list mailing list
https://www.redhat.com/mailman/listinfo/redhat-list
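
The relay behaviour described in the question, as an added example that is not part of the original thread: a relayed DHCP request arrives with the router's MAC as the Ethernet source, while the workstation's MAC is still carried in the BOOTP `chaddr` field (RFC 2131), which is where a known-MAC policy has to look. All MAC and IP values, and the helper names, are constructed for illustration.

```python
import socket
import struct

# RFC 2131 fixed BOOTP header: op, htype, hlen, hops, xid, secs, flags,
# ciaddr, yiaddr, siaddr, giaddr, chaddr(16), sname(64), file(128) = 236 bytes
BOOTP_FMT = "!BBBBIHH4s4s4s4s16s64s128s"
BOOTP_LEN = struct.calcsize(BOOTP_FMT)

def fmt_mac(raw):
    return ":".join(f"{b:02x}" for b in raw)

def parse_bootp(payload):
    """Extract the fields a MAC-based policy needs from a DHCP payload."""
    if len(payload) < BOOTP_LEN:
        raise ValueError("short BOOTP payload")
    fields = struct.unpack(BOOTP_FMT, payload[:BOOTP_LEN])
    htype, hlen, hops = fields[1], fields[2], fields[3]
    giaddr, chaddr = fields[10], fields[11]
    if htype != 1 or hlen != 6:
        raise ValueError("not an Ethernet client")
    return {"chaddr": fmt_mac(chaddr[:hlen]),
            "giaddr": socket.inet_ntoa(giaddr), "hops": hops}

def decide(frame_src_mac, payload, known_macs):
    """Compare what a layer-2 filter sees with what the DHCP server sees."""
    info = parse_bootp(payload)
    info["relayed"] = info["giaddr"] != "0.0.0.0"   # set by the relay agent
    info["l2_matches_client"] = frame_src_mac.lower() == info["chaddr"]
    info["allow"] = info["chaddr"] in known_macs     # policy keyed on chaddr
    return info

def build_discover(chaddr, giaddr="0.0.0.0", hops=0):
    """Constructed sample DHCPDISCOVER payload (not captured traffic)."""
    mac = bytes.fromhex(chaddr.replace(":", "")).ljust(16, b"\0")
    header = struct.pack(BOOTP_FMT, 1, 1, 6, hops, 0x1234ABCD, 0, 0x8000,
                         bytes(4), bytes(4), bytes(4),
                         socket.inet_aton(giaddr), mac, bytes(64), bytes(128))
    # magic cookie, option 53 (message type) = 1 (DISCOVER), end option
    return header + bytes([0x63, 0x82, 0x53, 0x63, 53, 1, 1, 255])

KNOWN = {"00:11:22:33:44:55"}        # constructed allow-list
ROUTER_MAC = "02:00:00:00:00:01"     # constructed relay-port MAC

if __name__ == "__main__":
    local = decide("00:11:22:33:44:55", build_discover("00:11:22:33:44:55"), KNOWN)
    relayed = decide(ROUTER_MAC, build_discover("00:11:22:33:44:55", "192.0.2.1", 1), KNOWN)
    unknown = decide(ROUTER_MAC, build_discover("66:77:88:99:aa:bb", "192.0.2.1", 1), KNOWN)
    for name, r in (("local", local), ("relayed", relayed), ("unknown", unknown)):
        print(name, r)
```
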