我无法成功将不同 mac 地址类别的混合与其相应的子网声明匹配。这些类别旨在区分 IP 电话、kvm 客户端和桌面。到目前为止,只有 IP 电话(grandstream 类别)正确。pcs 类别是不同种类 mac 地址的混合,但它们都属于同一类别(错误类别)。我想知道是否有人可以检查我的配置,并纠正我做错了什么?
class "grandstream" {
match if (substring(hardware, 1, 3) = 00:0b:82);
}
class "vms" {
match if (substring(hardware, 1, 3) = 52:54:00);
}
class "pcs" {
#match if not
#(substring(hardware, 1, 3) = 00:0b:82);
match if (binary-to-ascii (16,8,":",substring(hardware, 1, 3)) = "24:BE:05")
or (binary-to-ascii (16,8,":",substring(hardware, 1, 3)) = "00:1C:C0")
or (binary-to-ascii (16,8,":",substring(hardware, 1, 3)) = "A4:BA:DB")
or (binary-to-ascii (16,8,":",substring(hardware, 1, 3)) = "02:80:FD")
or (binary-to-ascii (16,8,":",substring(hardware, 1, 3)) = "5C:F8:A1");
log (debug, (binary-to-ascii (16,8,":",substring(hardware, 1, 3))));
}
#shared-network we-we {
subnet 192.168.1.0 netmask 255.255.255.0 {
pool {
range 192.168.1.10 192.168.1.210;
deny members of "grandstream";
allow members of "pcs";
allow members of "vms";
}
# Subnet for management network
subnet 192.168.10.0 netmask 255.255.255.0 {
pool {
deny members of "grandstream";
deny members of "pcs";
range 192.168.10.200 192.168.10.253;
}
# Subnet for future lan network
subnet 192.168.20.0 netmask 255.255.255.0 {
pool{
deny members of "grandstream";
deny members of "pcs";
range 192.168.20.10 192.168.20.210;
}
# Subnet for future servers network
subnet 192.168.30.0 netmask 255.255.255.0 {
pool {
deny members of "grandstream";
deny members of "pcs";
range 192.168.30.200 192.168.30.253;
}
# Subnet for future phone network
subnet 192.168.40.0 netmask 255.255.255.0 {
pool {
allow members of "grandstream";
deny members of "pcs";
range 192.168.40.200 192.168.40.240;
}
# Subnet for future wifi-guests network
subnet 192.168.50.0 netmask 255.255.255.0 {
pool {
deny members of "grandstream";
deny members of "pcs";
range 192.168.50.200 192.168.50.253;
}