Project

General

Profile

Feature #2241

DHCP - prevent dhcpd from handing out leases to certain MAC addresses

Added by Dim Hatz almost 6 years ago. Updated about 2 years ago.

Status:
Resolved
Priority:
Normal
Assignee:
-
Category:
DHCP Server
Target version:
-
Start date:
02/28/2012
Due date:
% Done:

0%


Description

Prevent ISC DHCP server from offering IP addresses to certain clients, typically a partial match of their MAC address. See discussion at http://forum.pfsense.org/index.php/topic,45596.0/all.html

One approach using ISC dhcpd would be to define class(es) and deny them in dhcpd.conf e.g.

subnet 192.168.100.0 netmask 255.255.255.0 {
    class "myphones" {
    match if (substring (hardware, 1, 3) = 00:19:66 );
    }
    pool {
        range 192.168.100.100 192.168.100.200;
        deny members of "myphones";
    }
    option routers 192.168.100.1;
    option domain-name-servers 192.168.100.1;
    default-lease-time 14400;
    max-lease-time 28800;

}

History

#1 Updated by Chris Buechler almost 6 years ago

  • Category set to DHCP Server
  • Status changed from New to Needs Patch

#2 Updated by Jim Pingle over 5 years ago

  • Status changed from Needs Patch to Feedback

Implemented in 1f1a08c (and a fix in 80d30a8)

#3 Updated by Luke Hamburg about 5 years ago

Thank you for this patch, however I would still like to see 2 checkboxes added to the GUI to control the following flags:

$dhcpdconf .= "not authoritative;\n"; (set to either "*authoritative*" or "*not authoritative*")

$dhcpdconf .= "always-broadcast on\n"; (set to either "*on*" or off")

#4 Updated by Jim Pingle about 5 years ago

Unrelated to this ticket. Open a new feature request ticket for each of those separately.

#5 Updated by Chris Buechler about 2 years ago

  • Status changed from Feedback to Resolved

Also available in: Atom PDF