Block DHCP clients based on strings in hostname

Question

Using isc-dhcp-server on Debian Jessie, I'd like to block DHCP requests based on parts of their hostnames - specifically, if the hostname contains the RegEx string somewhere "iPhone|android-". My current solution is to wait until they have a lease, and monitor for those devices, and manually add the MAC address to the Blacklist file.

This black list method is getting quite large (almost 256 entries), and getting harder to maintain.

I understand how to check the beginning of the hostname to determine the class, but how do I check from any part of the hostname to determine which class to assign it?

score 3 · Accepted Answer · answered Feb 10 '17 at 19:27

3

It sounds like you're after the dhcp-client-identifier field, which may or may not be what you call the hostname. According to dhcp-eval(5), there may be a regex option available. If so,

class "iBan" {
    match if option dhcp-client-identifier ~= "iPhone";
}
class "bandroid" {
    match if option dhcp-client-identifier ~= "andriod-";
}

And then elsewhere deny members of those classes under the appropriate pool statement. (Or use a more complicated regex to do it in one class.)

answered Feb 10 '17 at 19:27

thrig

1,626
9
9

Just a note, `android` is misspelled – Canadian Luke Feb 10 '17 at 19:33
Testing this out, will report by Monday whether or not it worked (and mark it as such). I also read the documentation you posted, and I am going to try using `~~` instead - case insensitive search. – Canadian Luke Feb 10 '17 at 19:45
Freakin' Awesome! I haven't seen any new mobile devices all week! – Canadian Luke Feb 16 '17 at 23:35
False alarm - had one appear. The hostname is simply `iPhone`. Thoughts? – Canadian Luke Feb 22 '17 at 18:38

Block DHCP clients based on strings in hostname

1 Answers1