Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- dhcp-host=00:11:22:33:44:55,192.168.1.100
- dhcp-host=00:11:22:33:44:56,192.168.1.101
- dhcp-host=00:11:22:33:44:57,192.168.1.102
- # Specify a subnet which can't be used for dynamic address allocation,
- # is available for hosts with matching --dhcp-host lines. Note that
- # dhcp-host declarations will be ignored unless there is a dhcp-range
- # of some type for the subnet in question.
- # In this case the netmask is implied (it comes from the network
- # configuration on the machine running dnsmasq) it is possible to give
- # an explicit netmask instead.
- #dhcp-range=192.168.0.0,static
- # Incoming DHCP, pass to chain processing DHCP
- iptables -t raw -A PREROUTING -p udp --dport 67 -j DHCP_clients
- # Allowed DHCP clients
- iptables -t raw -A DHCP_clients -m mac --mac-source 00:11:22:33:44:55 -j ACCEPT
- iptables -t raw -A DHCP_clients -m mac --mac-source 00:11:22:33:44:56 -j ACCEPT
- iptables -t raw -A DHCP_clients -m mac --mac-source 00:11:22:33:44:57 -j ACCEPT
- # Deny other clients not listed above
- iptables -t raw -A DHCP_clients -j DROP
- # Ignore any clients which are not specified in dhcp-host lines
- # or /etc/ethers. Equivalent to ISC "deny unknown-clients".
- # This relies on the special "known" tag which is set when
- # a host is matched.
- #dhcp-ignore=tag:!known
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement