diff --git a/config/vcpe.cfg b/config/vcpe.cfg
index 4f40009..784a926 100644
--- a/config/vcpe.cfg
+++ b/config/vcpe.cfg
@@ -99,6 +99,8 @@ application:
         # replication = ["10.10.0.1", "10.10.0.2"];
         # MAC地址黑名单
         # mac_filter = ["00:01:02:03:04:07", "00:01:02:03:04:01"];
+        # 数据包过滤器
+        net_filter = "vlan and udp and port 67 and port 68";
         # IP地址池配置
         range_set: (
             {   dhcp_range = "192.168.101.0-192.168.101.4";
diff --git a/srcs/libs/configure/config.c b/srcs/libs/configure/config.c
index bf73858..267948b 100644
--- a/srcs/libs/configure/config.c
+++ b/srcs/libs/configure/config.c
@@ -120,6 +120,7 @@ static CFG_ITEM g_cfgItem[] = {
     DEF_CFG_ITEM(CFG_DHCP_LISTEN_ON, "dhcp_server.listen_on", VAL_ARRAY_STR, "", "DHCP listen interface"),
     DEF_CFG_ITEM(CFG_DHCP_REPLICATION_SVR, "dhcp_server.replication", VAL_ARRAY_STR, "", "DHCP replication server configure"),
     DEF_CFG_ITEM(CFG_DHCP_RANGE_SET, "dhcp_server.range_set", VAL_ARRAY_OBJ, "", "DHCP IP pool"),
+    DEF_CFG_ITEM(CFG_DHCP_NET_FILTER, "dhcp_server.net_filter", VAL_STR, "", "DHCP packet filter"),
     DEF_CFG_ITEM(CFG_DHCP_MAC_FILTER, "dhcp_server.mac_filter", VAL_ARRAY_STR, "", "DHCP client MAC address black list"),
     DEF_CFG_ITEM(CFG_DHCP_NIC_NAME, "dhcp_server.nic", VAL_STR, "ens192", "DHCP server network interface name"),
 #endif
diff --git a/srcs/libs/configure/config_help.c b/srcs/libs/configure/config_help.c
index 99547ff..5e600c7 100644
--- a/srcs/libs/configure/config_help.c
+++ b/srcs/libs/configure/config_help.c
@@ -46,6 +46,10 @@ c_vector config_get_dhcp_replication_svr() {
     return cfg_get_vector(CFG_DHCP_REPLICATION_SVR);
 }
 
+const char *config_get_dhcp_net_filter() {
+    return cfg_get_string_value(CFG_DHCP_NET_FILTER);
+}
+
 c_vector config_get_dhcp_mac_filter() {
     return cfg_get_vector(CFG_DHCP_MAC_FILTER);
 }
diff --git a/srcs/libs/include/config.h b/srcs/libs/include/config.h
index b78ba35..a667d6b 100644
--- a/srcs/libs/include/config.h
+++ b/srcs/libs/include/config.h
@@ -79,6 +79,7 @@ typedef enum {
     CFG_DHCP_LISTEN_ON,
     CFG_DHCP_REPLICATION_SVR,
     CFG_DHCP_RANGE_SET,
+    CFG_DHCP_NET_FILTER,
     CFG_DHCP_MAC_FILTER,
     CFG_DHCP_NIC_NAME,
 #endif
@@ -152,6 +153,7 @@ c_vector     config_get_dhcp_server_range_set();
 c_vector     config_get_dhcp_listen_on();
 c_vector     config_get_dhcp_replication_svr();
 c_vector     config_get_dhcp_mac_filter();
+const char  *config_get_dhcp_net_filter();
 const char  *config_get_dhcp_nic_name();
 #endif
 
diff --git a/srcs/service/dhcpd/dhcpd_network.c b/srcs/service/dhcpd/dhcpd_network.c
index c28abf7..1887b6e 100644
--- a/srcs/service/dhcpd/dhcpd_network.c
+++ b/srcs/service/dhcpd/dhcpd_network.c
@@ -642,7 +642,7 @@ void init_filter(const char *pNetFilter) {
     static pcap_t *pd;
     pd = pcap_open_dead(DLT_EN10MB, MAXIMUM_SNAPLEN);
     struct bpf_program fcode;
-    //char              *cmd_buf = "vlan and udp and port 67 and port 68";
+
     pcap_compile(pd, &fcode, pNetFilter, 1, 0);
 
     struct bpf_insn    *insn      = fcode.bf_insns;
@@ -691,7 +691,7 @@ int dhcpd_init() {
 
     get_nic_info(g_nicInfo.pIfName, &g_nicInfo.ipAddr, &g_nicInfo.netmask, NULL, g_nicInfo.macAddr);
 
-    init_filter("vlan and udp and port 67 and port 68");
+    init_filter(config_get_dhcp_net_filter());
 
     ret = create_udp_raw_socket(g_nicInfo.pIfName);
     if (ret != ERR_SUCCESS) {