Re: iptables and dhcp configuration

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

On Wed, 2012-08-08 at 15:26 +0530, Jatin K wrote:
> is there any way or method available to configure iptables to allow only 
> dhcp server assigned ip , means if user manually sets his/her systems ip 
> address then Linux gateway(FC16) should reject it .
> user must use the ip address which is assigned by dhcp, ( dhcp server is 
> running on the same machine where iptables are installed, and machine is 
> acting as a gateway )

You could script something so that a computer added to the DHCP pool
gets added to the iptables rules, but can you actually achieve what you
want?

Are you simply blocking the client's access to the DHCP server (gateway
on it)?  That's easy enough to block via an IP rule.

Are you trying to block the client to anything, in which case your
gateway must actually be *between* the client and other things (merely
being on the same network isn't enough).  Otherwise, the gateway can
simply be bypassed.

And if a user manually assigns themselves the same IP, coincidentally,
should it be allowed or blocked?  Do you just care about the address, or
do you need a DHCP client acknowledge?

It sounds more like you need some sort of authentication system, rather
than just IP assignment.

-- 
[tim@localhost ~]$ uname -r
2.6.27.25-78.2.56.fc9.i686

Don't send private replies to my address, the mailbox is ignored.  I
read messages from the public lists.



-- 
users mailing list
users@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
Have a question? Ask away: http://ask.fedoraproject.org



Photo 4 Less

[Older Fedora Users]     [Fedora Announce]     [Fedora Package Announce]     [EPEL Announce]     [Fedora News]     [Fedora Cloud]     [Fedora Advisory Board]     [Fedora Education]     [Fedora Security]     [Fedora Scitech]     [Fedora Robotics]     [Fedora Maintainers]     [Fedora Infrastructure]     [Fedora Websites]     [Anaconda Devel]     [Fedora Devel Java]     [Fedora Legacy]     [Fedora Desktop]     [Fedora Fonts]     [ATA RAID]     [Fedora Marketing]     [Fedora Management Tools]     [Fedora Mentors]     [SSH]     [Find Someone Special]     [Fedora Package Review]     [Fedora R Devel]     [Fedora PHP Devel]     [Kickstart]     [Fedora Music]     [Fedora Packaging]     [Centos]     [Fedora SELinux]     [Fedora Legal]     [Fedora Kernel]     [Fedora QA]     [Fedora Triage]     [Fedora OCaml]     [Coolkey]     [Virtualization Tools]     [ET Management Tools]     [Yum Users]     [Tux]     [Yosemite News]     [Yosemite Photos]     [Linux Apps]     [Maemo Users]     [Gnome Users]     [KDE Users]     [Fedora Tools]     [Fedora Art]     [Fedora Docs]     [Maemo Users]     [Asterisk PBX]     [Fedora Sparc]     [Fedora Universal Network Connector]     [Libvirt Users]     [Fedora ARM]

Add to Google Powered by Linux