On Fri, 2004-10-29 at 00:27 +0200, Bernd Eckenfels wrote:
> On Thu, Oct 28, 2004 at 11:20:24PM +0200, Bart-Jan Vrielink wrote:
> > On Thu, 2004-10-28 at 14:15 -0400, Larry Kelly wrote:
> > > Help! Either iptables is not blocking DHCP requests or my understanding of
> > > how to configure iptables to block is incorrect (probably the latter).
> > >
> > > dhcpd installed and running (listening on all interfaces).
> > > iptables configured to block incoming and outgoing udp traffic.
>
> DHCP is not UDP, it is protocol "bootp"

Huh?

[EMAIL PROTECTED]:~$ getent protocols|grep -i bootp
[EMAIL PROTECTED]:~$ getent services |grep -i bootp
bootps 67/tcp
bootps 67/udp
bootpc 68/tcp
bootpc 68/udp

And as far as I can tell, it almost always uses udp, not tcp.

> > dhcpd operates directly on the interface, right in front of the
> > netfilter firewall.
>
> Nope.

So it needs CONFIG_PACKET for no apparent reason? I lost count of the
number of times I had to recompile a kernel because I forgot to include
this one (and/or CONFIG_FILTER) and dhcp didn't work.

-- 
Goodbye,
Bart-Jan Vrielink

