m0n0wall version(s) that you use -- 1.8.1 built on Wed Jan 15 13:32:38 CET 2014
hardware details (type/make of NICs etc.) -- Soekris net4801 with 3 interfaces (LAN, Opt1, WAN)
all the steps needed to reproduce the problem -- I noticed this for the first time the other day. I was running an old build but updated to the latest version and the bug still exists. I haven't noticed it on the LAN interface, though I didn't test for it there. It definitely exists on the Opt1 DCHP Server interface, and this may be a more rare case and the reason the bug exists.
I have an IP address range setup. And a number of specific MAC address reservations (MAC -> IP Address mappings) outside of that range. I tried to remove the mapping for a device I wanted to prevent from gaining network access. It didn't work. I tried refreshing that device's lease and also switching it to a different wifi network and back to this one. It was issued an IP Address from the Range despite having it's reservation deleted and the Deny Unknown Clients box checked. (I saved the configuration after removing the MAC address to ensure this was not the source of the problem.)
OPT1 interface tab of DHCP Server CHECKED Deny unknown clients Only respond to reserved clients listed below. Subnet 192.168.2.0 Subnet mask 255.255.255.0 Available range 192.168.2.1 - 192.168.2.254 Range 192.168.2.200 to 192.168.2.230
DHCP client was issued IP address within Range despite "Deny Unknown Clients" box being checked.
|