Dear .debs, I am playing with packet filtering on a DHCP client and trying to get it done the right way. Policy for all built-in chains is DROP and all packets are logged before they go plonk. I pulled the network cable while playing around.
Debian GNU/Linux 3.0 kernel 2.4.18-tux, iptables 1.2.5-7, dhcp-client 2.0pl5-7

Basically, I'd like to keep the setup as closed as possible so I make a hole in /etc/dhclient-enter-hooks during the PREINIT stage to let the DHCPDISCOVER broadcast out (and a reply back in eventually, taking this one step at a time ;-).

At least, that's what I thought I should do, but I noticed that packets are not logged! That is, if I don't open up said hole, there is nothing in the logs! I also inserted logging rules at the very beginning of all built-in chains, but I still don't see the broadcast logged by iptables. Only the dhcp-client message saying it is broadcasting to 255.255.255.255 on port 67 on eth0 shows up in the system logs.

What's going on? Why do those broadcast packets not show up? Any clues anyone?

# If you need more info, please ask.

--
Olaf Meeuwissen, Epson Kowa Corporation, CID
GnuPG key: 6BE37D90/AB6B 0D1F 99E7 1BF5 EB97 976A 16C7 F27D 6BE3 7D90
LPIC-2 -- I hack, therefore I am -- BOFH
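A sketch of the kind of PREINIT hole the post describes, as an added example that is not the poster's own hook. It assumes dhclient-script sets `$reason` and `$interface` before sourcing /etc/dhclient-enter-hooks; the function names and log prefixes are made up for illustration.

```shell
# Example body for /etc/dhclient-enter-hooks (hypothetical, not from the post).
IPTABLES=${IPTABLES:-iptables}

# Print one rule spec per line for the DHCP hole on interface $1.
# 68 is the DHCP client port, 67 the server port.
# Per chain, ACCEPT is listed before LOG: each rule is inserted with -I,
# which puts it at the top, so LOG ends up above ACCEPT and the packet is
# logged before ACCEPT ends chain traversal.
dhcp_rule_specs() {
    iface=$1
    echo "OUTPUT -o $iface -p udp --sport 68 --dport 67 -j ACCEPT"
    echo "OUTPUT -o $iface -p udp --sport 68 --dport 67 -j LOG --log-prefix DHCP-OUT:"
    echo "INPUT -i $iface -p udp --sport 67 --dport 68 -j ACCEPT"
    echo "INPUT -i $iface -p udp --sport 67 --dport 68 -j LOG --log-prefix DHCP-IN:"
}

# Open the hole idempotently: delete any stale copy of each rule first,
# so restarting dhclient does not stack duplicate rules in the chains.
open_dhcp_hole() {
    dhcp_rule_specs "$1" | while read -r spec; do
        # $spec is left unquoted on purpose so it splits into arguments.
        $IPTABLES -D $spec 2>/dev/null || true
        $IPTABLES -I $spec
    done
}

# Act only in the PREINIT stage; every other stage is left untouched.
dhcp_hook() {
    case "$1" in
        PREINIT) open_dhcp_hole "$2" ;;
    esac
}

# dhclient-script sets these; when run by hand without them, do nothing.
if [ -n "${reason:-}" ]; then
    dhcp_hook "$reason" "${interface:-}"
fi
```

ISC dhclient on Linux sends and receives its broadcast traffic through a packet socket, which sits below the netfilter IP hooks, so these rules and their LOG counterparts only see DHCP traffic that goes through an ordinary UDP socket, such as unicast renewals.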