NxFilter Tutorial
DHCP
As of version 4.7.2.2, NxFilter includes a built-in DHCP server, allowing you to assign IP addresses automatically without using a separate DHCP device.

The DHCP server must be bound to a single IP address, and that IP address must be associated with a wired network interface.

DHCP > Setup
You can configure the DHCP server in the DHCP > Setup menu. The following options are available:

  • Listen IP - The IP address the DHCP server listens on.
  • Start IP / End IP - The range of IP addresses to be assigned.
  • Subnet Mask - The subnet mask for the network.
  • Gateway IP - The default gateway provided to clients.
  • DNS IP - The DNS server address provided to clients.
  • Lease Seconds - Lease duration in seconds.
  • Default Domain - The default domain name for clients.
  • NTP IP - Network Time Protocol server addresses for time synchronization.
  • TFTP Server - The TFTP server IP address for booting PXE clients.
  • Boot File - The filename of the bootloader to be delivered to PXE clients.
  • WPAD URL - The URL for Web Proxy Auto-Discovery configuration.
  • Maximum Pool Size - The maximum number of IP leases managed in memory.

When you change the Listen IP of the DHCP server, you must restart it. In other cases, the server will automatically reload the new settings.

DHCP > Leased IP
The list of currently leased IP addresses can be viewed in the 'DHCP > Leased IP' menu. For each device, you can see the assigned IP address, MAC address, hostname, and lease expiration time. If necessary, you can manually release an assigned IP address from this interface.

DHCP > Reserved IP
Reserved IP allows you to assign a fixed IP address to a specific MAC address. When a device with the registered MAC address connects to the network, it will always receive the designated IP address. This assignment takes precedence over the standard DHCP allocation. You can manage these entries in the 'DHCP > Reserved IP' menu.

DHCP > Allowed MAC
The Allowed MAC feature restricts DHCP access to only the MAC addresses you have registered. Devices not included in this list will not be able to receive an IP address from the DHCP server. This works similarly to MAC address authentication and provides enhanced access control.

DHCP > Denied MAC
The Denied MAC feature blocks specific devices from receiving an IP address from the DHCP server. When a MAC address is added to this list, any device using it will be explicitly denied DHCP service. This feature is useful for blocking unauthorized or suspicious devices from accessing the network.