Dan, Did you ever get an answer for this? I am having the same issue.
Thanks, _______________________________________ Chris Mielke | Lead, ISS Network Systems Drake Technology Services (DTS) | Drake University T 515.271.4640 E [email protected] On 10/31/14, 11:52 AM, "Dan Ratzlaff" <[email protected]> wrote: >I'm trying to set up pf in inline-only mode for guest Internet access at >our company. I have it set up like this: > >Guest LAN (10.x.x.x) > | > | > | eth1 (inline) >+=====+ >| pf |eth2------Internet (default gateway) >+=====+ > | eth0 (mgmt.) > | > | >Corporate LAN (172.x.x.x) > >Currently pf detects all the nodes on our corporate LAN, and there are a >lot. But they have their own way of accessing the Internet, so those >nodes just clutter up pf. How can I configure PacketFence to not detect >nodes on the Management interface? The only thing I need the management >interface for is configuration. > >I've tried disabling the DHCP listener altogether >(pfdhcplistener=disabled in [services]) but it still runs anyway. I've >also tried modifying iptables.conf, commenting out the lines that accept >67/udp and 67/tcp on the management interface. Are the nodes being >picked up from other broadcasts or ARP? Is there any way of keeping >these nodes out of PacketFence? > >Thanks! > >-- Dan > >-------------------------------------------------------------------------- >---- >_______________________________________________ >PacketFence-users mailing list >[email protected] >https://lists.sourceforge.net/lists/listinfo/packetfence-users ------------------------------------------------------------------------------ _______________________________________________ PacketFence-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/packetfence-users
