[Dnsmasq-discuss] Question about dnsmasq dhcp-ignore

richardvoigt at gmail.com richardvoigt at gmail.com
Fri Feb 4 15:41:38 GMT 2011


On Fri, Feb 4, 2011 at 6:15 AM, mariodebian <mariodebian at gmail.com> wrote:
> Hi.
>
> This is my first message in this list, sorry if anyone made this
> question before.
>
> I have a simple /24 network with dnsmasq as DHCP server and DNS cache.
>
> dhcp-range=192.168.1.55,192.168.1.199,2h
> dhcp-option=option:router,192.168.1.1
> dhcp-option=option:dns-server,192.168.1.1
>
> The dynamic range is reserved for notebooks and other computers
> connected by wired or wireless...
>
> I want to block all mobile devices (iPhone, HTC, Blackberry...) first
> ignoring DHCP and second adding a DROP line to iptables with all ignored
> MAC.
>
> To ignore a MAC vendor range I use this:
>
> dhcp-ignore=tobeignored
> dhcp-mac=tobeignored,00:21:e9:*:*:*
>
> This works ok, but I want to have a white list, I had tried something
> like this:
>
> dhcp-ignore=!whitelist,tobeignored
> dhcp-mac=tobeignored,00:21:e9:*:*:*
> dhcp-mac=whitelist,00:21:e9:aa:aa:aa
>
> But, with this config, dnsmasq stop ignoring DHCP requests.
>
> How can I add 2 or more networks flags to dhcp-ignore?
> How can I negate the network flag in dhcp-ignore?
>
> I can't use "know "flag because I don't have all allowed MAC.
>
> dnsmasq version: 2.45-1+lenny1

Upgrade your dnsmasq.  Then you can have system like "bulkignore"
(based on vendor), "whitelist", and use the new "set-if" command to
combine them into a single "tobeignored" tag.

>
>
> Thanks for your help.
> --
> Greetings
> --
> http://mariodebian.com
>
> _______________________________________________
> Dnsmasq-discuss mailing list
> Dnsmasq-discuss at lists.thekelleys.org.uk
> http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss
>
>



More information about the Dnsmasq-discuss mailing list