Is it possible to block dhcp traffic using iptables?

networking linux wifi iptables dhcp

Solution 1:

enter image description here

I believe this is more or less the setup you envision. A connects to WiFi, and gets a IP address. B is connected to A via ethernet, and have their own (private RFC1918) IPs.

You want B to reach devices on the WiFi.

Now, A uses DHCP to get an IP on the WiFi interface. But it doesn't forward DHCP to different interfaces, unless you run a DHCP proxy. Furthermore, WLAN clients generally can't represent more than one MAC address, so somehow you'd have to assign an extra IP to A - or make A represent B's traffic on the WiFi.

The easy way to do this is to make A NAT traffic that's coming from ethernet, and forward it to wifi. This is what your home router does, and will allow B to talk to devices (and internet) on WiFi. Devices on that network will believe the traffic is coming from A, as they can't see B at all.

For how to NAT, see for instance this question.

You should not attempt to clone addresses or any similar silly ideas. IP's are meant to be unique.

Related

When Netfilter performes filtering in TCP/IP kernel network stack?
How i revert creating partition table inside a partition
Amazon SQS maximum in flight messages
nftables forwarding from wlan0 to eth0, but nothing happens
Change only 1 emails DNS to use another server but keep the other ones in my server [closed]
Solaris 10 stuck at boot
MySQL accessing a lot of deleted temp files
Duplicate Entry in outlook room list
Change diff format/output in Ansible? External diff command?
Copying files using multi threading increases performance - Why?
ipsec xfrm esp routing
How can I grant Dial-In / Network Access Permission to local account via command line?