iptables and dhcp configuration
Mihamina Rakotomandimby
mihamina at rktmb.org
Thu Aug 9 07:15:39 UTC 2012
On 08/08/2012 12:56 PM, Jatin K wrote:
> is there any way or method available to configure iptables to allow only
> dhcp server assigned ip
To acheive this
* I setup a (CSV) file listing IP ans MAC
* I write a script building the DHCP configuration file from it
* I write an iptables script to forward only (IP, MAC) tuple, dropping
whetever alse
* I only use the CSV file when adding a new host to the LAN
** I flush+rebuild iptables rules & restart DHCPd when I add a new host
Drawback:
- On the LAN, one can always steal an IP address
- You need to control duplicate when LAN grows (mine is a /16)
--
RMA.
More information about the users
mailing list