Refuse RFC1918 offers on DHCP WAN
-
On 2.3.x, if I want to reject DHCP offers from 192.168.100.0/24 how should that be entered?
When I try to enter it like this, it gets rejected for syntax:
-
I split this off since the other post was 3 years old and this is a different question.
You don't need to reject the entire subnet, just the DHCP server in that subnet, which is probably your modem at 192.168.100.1
-
Thanks Jim. Ok, I know in a past version (maybe 2.2 or 2.1) it did accept a subnet there. If it only accepts individual IPs now, the wording beneath the field should remove the "…place the IP address or subnet of the DHCP server…" since that is a bit confusing.
-
So you can not use subnet? What if your isp has a bunch of dhcp servers on the same subnet you want to block and only accept IP from different set of dhcp servers?
I agree with luckman212 if you can not use subnet in some form of /cidr or whatever then the "or subnet" should prob be removed from the description ;)
" -
The text probably needs to be corrected. It may have allowed the entry before but I don't think it worked. According to the man page it only takes an IP address.
reject ip-address;
The reject statement causes the DHCP client to reject offers from
servers who use the specified address as a server identifier.
This can be used to avoid being configured by rogue or misconfig-
ured DHCP servers, although it should be a last resort - better
to track down the bad DHCP server and fix it. -
I pushed a change to fix the description so that it only lists IP address, not subnet.
-
Thanks! I was about to submit my own PR but as I was about to push it, I noticed that you had already changed the text ;)