Hi, my dhcp configuration seems to be somewhat off:
1) I don't put dhcp on any interface, however, there is no problem
starting dhcp client on my net interfaces eth0, eth1
2) shorewall isn't "started" on eth0 because it detected there was no IP
3) When I plug in the network cable I guess netfilter isn't fully
limiting eth0?
4) At some point during the interface coming up, one stray packet from
dhcp port 67, to my net ip port=68 arrives, this is then forwarded and
appears to try and exit via the next entry in my default routing table
(the route makes sense, but not why the packet is being forwarded when
its destination is the eth0 ip?)
5) Once the interface is up, my scripts start "shorewall enable eth0"
and at this point I can't repro the effect from outside using netcat...

I'm kind of stumped on the details here. How should I configure
shorewall so that it does restrict this interface listed as optional,
which is down at shorewall start?

Also how to block the stray packet which is bringing up my demand dial
ppp link? I can see it on the forward chain, but I'm stumped figuring
out how I should set a rule to target that?

Any thoughts on why my stack tries to forward this one packet (addressed
to the new eth0 ip)?

Thanks

Ed W
_______________________________________________
Shorewall-users mailing list
Shorewall-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/shorewall-users