Results 1 to 9 of 9

Thread: dhcp possiblities

  1. #1
    Join Date
    Aug 2013
    Beans
    52

    dhcp possiblities

    Let me know my friends is it possible to block a particular system with mac address in dhcp server is possible.I configured dhcp with static lease .If not what do I need to block particular system with the server ?



    Thanks

  2. #2
    Join Date
    Sep 2013
    Beans
    Hidden!
    Distro
    Ubuntu 14.04 Trusty Tahr

    Re: dhcp possiblities

    You should be able to configure this option from your router. I don't know a lot about IP tables in Linux, but I'm sure a Google search for IP tables in Linux would give you a plethora of options.

    Good Luck,
    Chris
    "Ignorance is short-lived, and knowledge is forever."


  3. #3
    Join Date
    Aug 2013
    Beans
    52

    Re: dhcp possiblities

    Thanks for the replay

    I select the ubuntu box as a dhcp becuse I use pfsense as a routing system that configured in a small system . that system takes more load if the dhcp server is on . that was my decission to create dhcp server box if it possible to controle the client system by the ubuntu box is better ,


    Thanks

  4. #4
    Join Date
    Aug 2013
    Beans
    52

    Re: dhcp possiblities

    Let me Know my friends were I can find the leased system in dhcp . which monitoring tool is yours prefference


    Thanks

  5. #5
    Join Date
    Feb 2011
    Location
    Coquitlam, B.C. Canada
    Beans
    1,913
    Distro
    Ubuntu 12.04 Precise Pangolin

    Re: dhcp possiblities

    You can block by mac address on your LAN with this iptables command (substitute for the proper mac address):
    Code:
    sudo iptables -A INPUT -i eth0 -m mac --mac-source 6C:BE:E9:A7:F1:07 -j DROP
    Depending on how you issue your IP addresses with your DHCP server, you might be able to block the undesired system by exclusion. For example, if you were to issue IP addresses based on MAC address.

    The leases file is typically at: /var/lib/dhcp/dhcpd.leases

    I do not know about monitoring tools.
    Any follow-up information on your issue would be appreciated. Please have the courtesy to report back.

  6. #6
    Join Date
    Aug 2013
    Beans
    52

    Re: dhcp possiblities

    Thanks for the path information
    The leases file is typically at: /var/lib/dhcp/dhcpd.leases
    and given iptables rule not work for me your suggestion is correct when I googled .but its not work for me any Idea will appreciate for block the dhcp client request with Iptables

    Thanks all the reders of the post

    Screenshot from 2014-01-16 16:00:26.jpg



    I tried it with port also nothing is happen to me . client still get the ip address and he is in the same ip when restart network
    Last edited by Rakesh_vijayan; January 16th, 2014 at 11:34 AM.

  7. #7
    Join Date
    Nov 2008
    Location
    Metro Boston
    Beans
    10,202
    Distro
    Kubuntu 14.04 Trusty Tahr

    Re: dhcp possiblities

    If you are using isc-dhcp-server to provide DHCP services, you can block machines from getting an address based on the machine's MAC address by adding entries to dhcpd.conf like this:

    Code:
    host badboy {
        hardware ethernet 00:11:22:33:44:55:66;
        deny booting;
    }
    Of course, that won't prevent an intelligent user from setting up a static IP on her machine. To actually block by MAC address you need an iptables rule of the type Doug suggested.
    If you ask for help, please have the courtesy to check for responses and thank the people who helped you.

    Blog · Linode System Administration Guides · Android Apps for Ubuntu Users

  8. #8
    Join Date
    Feb 2011
    Location
    Coquitlam, B.C. Canada
    Beans
    1,913
    Distro
    Ubuntu 12.04 Precise Pangolin

    Re: dhcp possiblities

    Your screen shot shows that your iptables rule has dropped 51 packets. So it appears to be working.
    Any follow-up information on your issue would be appreciated. Please have the courtesy to report back.

  9. #9
    Join Date
    Aug 2013
    Beans
    52

    Re: dhcp possiblities

    Quote Originally Posted by Doug S View Post
    Your screen shot shows that your iptables rule has dropped 51 packets. So it appears to be working.

    that I under stand Doug but the client system able to ip resolving and able to browse in internet .
    Code:
    SeijiSensei suggetion is work form me in case of dhcp lease 
    host badboy {
        hardware ethernet 00:11:22:33:44:55:66;
        deny booting;
    }
    let me know Doug why the client system still get access ......

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •