diff options
author | Jose Luis Duran <jlduran@users.noreply.github.com> | 2016-07-31 09:33:11 -0300 |
---|---|---|
committer | Jose Luis Duran <jlduran@users.noreply.github.com> | 2016-07-31 09:49:58 -0300 |
commit | 6d53301b1f612ff3e0490abbb46b53c50193b80b (patch) | |
tree | 5f371da5856faea710a120b778c21d7991927307 | |
parent | bfbfa4dd254c110db4122925d0a3716a34d4c664 (diff) | |
download | pfsense-6d53301b1f612ff3e0490abbb46b53c50193b80b.zip pfsense-6d53301b1f612ff3e0490abbb46b53c50193b80b.tar.gz |
services_dhcp: Ignore BOOTP queries
BOOTP leases do not have a maximum lease time by default, this could
potentially lead to a DHCP address pool exhaustion.
This commit adds an option to ignore BOOTP queries.
Redmine #4351
-rw-r--r-- | src/etc/inc/services.inc | 5 | ||||
-rw-r--r-- | src/usr/local/www/services_dhcp.php | 9 |
2 files changed, 14 insertions, 0 deletions
diff --git a/src/etc/inc/services.inc b/src/etc/inc/services.inc index d4ff09d..a5d4a71 100644 --- a/src/etc/inc/services.inc +++ b/src/etc/inc/services.inc @@ -866,6 +866,11 @@ EOPP; $dhcpdconf .= " max-lease-time {$poolconf['maxleasetime']};\n"; } + // ignore bootp + if (isset($poolconf['ignorebootp'])) { + $dhcpdconf .= " ignore bootp;\n"; + } + // netbios-name* if (is_array($poolconf['winsserver']) && $poolconf['winsserver'][0] && ($poolconf['winsserver'][0] != $dhcpifconf['winsserver'][0])) { $dhcpdconf .= " option netbios-name-servers " . join(",", $poolconf['winsserver']) . ";\n"; diff --git a/src/usr/local/www/services_dhcp.php b/src/usr/local/www/services_dhcp.php index f04b824..d16159d 100644 --- a/src/usr/local/www/services_dhcp.php +++ b/src/usr/local/www/services_dhcp.php @@ -167,6 +167,7 @@ if (is_array($dhcpdconf)) { $pconfig['domainsearchlist'] = $dhcpdconf['domainsearchlist']; list($pconfig['wins1'], $pconfig['wins2']) = $dhcpdconf['winsserver']; list($pconfig['dns1'], $pconfig['dns2'], $pconfig['dns3'], $pconfig['dns4']) = $dhcpdconf['dnsserver']; + $pconfig['ignorebootp'] = isset($dhcpdconf['ignorebootp']); $pconfig['denyunknown'] = isset($dhcpdconf['denyunknown']); $pconfig['nonak'] = isset($dhcpdconf['nonak']); $pconfig['ddnsdomain'] = $dhcpdconf['ddnsdomain']; @@ -532,6 +533,7 @@ if (isset($_POST['save'])) { $dhcpdconf['gateway'] = $_POST['gateway']; $dhcpdconf['domain'] = $_POST['domain']; $dhcpdconf['domainsearchlist'] = $_POST['domainsearchlist']; + $dhcpdconf['ignorebootp'] = ($_POST['ignorebootp']) ? true : false; $dhcpdconf['denyunknown'] = ($_POST['denyunknown']) ? true : false; $dhcpdconf['nonak'] = ($_POST['nonak']) ? true : false; $dhcpdconf['ddnsdomain'] = $_POST['ddnsdomain']; @@ -763,6 +765,13 @@ if (!is_numeric($pool) && !($act == "newpool")) { } $section->addInput(new Form_Checkbox( + 'ignorebootp', + 'BOOTP', + 'Ignore BOOTP queries', + $pconfig['ignorebootp'] +)); + +$section->addInput(new Form_Checkbox( 'denyunknown', 'Deny unknown clients', 'Only the clients defined below will get DHCP leases from this server.', |