RE: filtering dhcp....
This is a discussion on RE: filtering dhcp.... within the IPFilter forums, part of the System Security and Security Related category; I'm using isc dhcp. The default policy is to deny everything. IPFilter is stopping the lease renewal but it ...
|
|||||||
| FAQ | Members List | Calendar | Search | Today's Posts | Mark Forums Read |
12-04-2004
|
|||
|
|||
RE: filtering dhcp....
I'm using isc dhcp. The default policy is to deny everything. IPFilter is
stopping the lease renewal but it is expected behavior. I want to let the machine send the renewal request and receive a response. But I'm not sure how to filter it. pass out on tlp0 proto udp from 0.0.0.0 port = bootpc to any \ port = bootps keep state Is the above valid, legal and the way to go? Thanks much! Steven -----Original Message----- From: Darren Reed [mailto:darrenr@reed.wattle.id.au] Sent: Saturday, December 04, 2004 11:22 AM To: Steven Miller Cc: ipfilter@coombs.anu.edu.au Subject: Re: filtering dhcp.... In some email I received from Steven Miller, sie wrote: > Can someone give a quick working example for filtering dhcp lease renewals? > The initial query and setup happens before ipf comes up. It's just the > renewal that I having a problem with! Be wary of expecting to be able to use ipfilter to control dhcp packet flows as often the programs involved use the NIC directly and don't use the normal path that IP packets take to get in/out of the system. Or are you saying that IPFilter is stopping the lease renewals ? Darren 
|
Linear Mode
