Gabor Kovacs <[EMAIL PROTECTED]> writes:

> Olaf Meeuwissen wrote:
>
> > Basically, I'd like to keep the setup as closed as possible so I make
> > a hole in /etc/dhclient-enter-hooks during the PREINIT stage to let
> > the DHCPDISCOVER broadcast out (and a reply back in eventually, taking
> > this one step at a time ;-). At least, that's what I thought I should
> > do, but I noticed that packets are not logged!
>
> I think (but I'm not sure) the DHCP client is using so-called raw sockets,
> which are below the layer where iptables sits in the kernel. That's why
> iptables is unable to see the packets.
Looks like you are right. I set all built-in chains to LOG and a DROP policy (no other rules) and my interface configures fine. Once it is up there's an incessant stream of logged packets (mainly win-DoS hosts letting everyone know who and where they are by shouting all over the subnet and, occasionally, beyond).

Oh well, I guess I can forget about making and plugging holes for the DHCPDISCOVER (and probably DHCPREQUEST) requests and their replies. That makes my job easier, but I guess the docs then need a fix ;-)

Thanks,
-- 
Olaf Meeuwissen
Epson Kowa Corporation, CID
GnuPG key: 6BE37D90/AB6B 0D1F 99E7 1BF5 EB97 976A 16C7 F27D 6BE3 7D90
LPIC-2 -- I hack, therefore I am -- BOFH
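To make the raw-socket point from Gabor's reply concrete, here is an added example (not code from the thread, and not ISC dhclient's own implementation) that does what a DHCP client has to do before it has an address: build the entire DHCPDISCOVER frame by hand, Ethernet header included, and hand it to an AF_PACKET socket. The MAC address, transaction id and option list are constructed sample values; `send_raw` is only reached when an interface name is passed on the command line, since it needs Linux and CAP_NET_RAW.

```python
"""Build (and optionally send) the DHCPDISCOVER frame a DHCP client injects
through a Linux packet socket. Added example; values below are constructed."""
import socket
import struct
import sys

# Constructed sample values (assumptions for this example, not from the thread).
CLIENT_MAC = bytes.fromhex("0250563a1b2c")
XID = 0x3903F326
DHCP_MAGIC_COOKIE = b"\x63\x82\x53\x63"
ETH_P_IP = 0x0800
DHCP_CLIENT_PORT, DHCP_SERVER_PORT = 68, 67


def inet_checksum(data: bytes) -> int:
    """RFC 1071 one's-complement checksum used by the IPv4 and UDP headers."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return (~total) & 0xFFFF


def build_dhcp_discover(mac: bytes, xid: int) -> bytes:
    """BOOTP fixed header (RFC 2131 section 2) plus a minimal DHCPDISCOVER option list."""
    header = struct.pack(
        "!BBBBIHH4s4s4s4s16s64s128s",
        1,               # op: BOOTREQUEST
        1, 6, 0,         # htype Ethernet, hlen 6, hops 0
        xid, 0,          # transaction id, secs
        0x8000,          # flags: BROADCAST bit, we cannot receive unicast yet
        b"\0" * 4, b"\0" * 4, b"\0" * 4, b"\0" * 4,   # ciaddr/yiaddr/siaddr/giaddr = 0.0.0.0
        mac.ljust(16, b"\0"), b"\0" * 64, b"\0" * 128,
    )
    options = (
        DHCP_MAGIC_COOKIE
        + bytes([53, 1, 1])          # option 53 DHCP Message Type = 1 (DHCPDISCOVER)
        + bytes([55, 3, 1, 3, 6])    # option 55 Parameter Request List: mask, router, DNS
        + b"\xff"                    # end option
    )
    return (header + options).ljust(300, b"\0")  # pad to the customary 300-byte minimum


def build_discover_frame(mac: bytes = CLIENT_MAC, xid: int = XID) -> bytes:
    """Complete Ethernet/IPv4/UDP frame, 0.0.0.0:68 -> 255.255.255.255:67."""
    payload = build_dhcp_discover(mac, xid)
    src_ip, dst_ip = b"\0\0\0\0", b"\xff\xff\xff\xff"
    udp_len = 8 + len(payload)
    pseudo = src_ip + dst_ip + struct.pack("!BBH", 0, 17, udp_len)
    udp_nocsum = struct.pack("!HHHH", DHCP_CLIENT_PORT, DHCP_SERVER_PORT, udp_len, 0)
    csum = inet_checksum(pseudo + udp_nocsum + payload) or 0xFFFF  # 0 would mean "no checksum"
    udp = struct.pack("!HHHH", DHCP_CLIENT_PORT, DHCP_SERVER_PORT, udp_len, csum) + payload
    ip_nocsum = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(udp), 0, 0, 64, 17, 0, src_ip, dst_ip)
    ip = ip_nocsum[:10] + struct.pack("!H", inet_checksum(ip_nocsum)) + ip_nocsum[12:]
    eth = b"\xff" * 6 + mac + struct.pack("!H", ETH_P_IP)   # broadcast dst, our src, IPv4
    return eth + ip + udp


def parse_discover_frame(frame: bytes) -> dict:
    """Pull back out the fields an iptables rule would have matched on."""
    ip, udp, bootp = frame[14:34], frame[34:42], frame[42:]
    sport, dport, udp_len, _ = struct.unpack("!HHHH", udp)
    pseudo = ip[12:16] + ip[16:20] + struct.pack("!BBH", 0, 17, udp_len)
    msg_type, opts, i = None, bootp[240:], 0          # options follow the 236-byte header + cookie
    while i < len(opts) and opts[i] != 0xFF:
        if opts[i] == 0:                                # pad option has no length byte
            i += 1
            continue
        code, ln = opts[i], opts[i + 1]
        if code == 53:
            msg_type = opts[i + 2]
        i += 2 + ln
    return {
        "src_ip": socket.inet_ntoa(ip[12:16]),
        "dst_ip": socket.inet_ntoa(ip[16:20]),
        "sport": sport, "dport": dport,
        "ip_csum_ok": inet_checksum(ip) == 0,
        "udp_csum_ok": inet_checksum(pseudo + frame[34:34 + udp_len]) == 0,
        "xid": struct.unpack("!I", bootp[4:8])[0],
        "msg_type": msg_type,
    }


def send_raw(frame: bytes, ifname: str) -> int:
    """Hand the finished frame to the driver via AF_PACKET (Linux only, needs CAP_NET_RAW).
    The kernel IP stack, and therefore ip_tables' OUTPUT/POSTROUTING hooks, never see it."""
    with socket.socket(socket.AF_PACKET, socket.SOCK_RAW, socket.htons(ETH_P_IP)) as s:
        s.bind((ifname, 0))
        return s.send(frame)


if __name__ == "__main__":
    print(parse_discover_frame(build_discover_frame()))
    if len(sys.argv) > 1:
        send_raw(build_discover_frame(), sys.argv[1])
```

The frame is 342 bytes: 14 Ethernet + 20 IPv4 + 8 UDP + 300 BOOTP. Because the client fills in the IP and UDP headers itself and injects at the link layer, the packet is handed straight to the device queue; `ip_tables` hooks live in the IP layer above that point, which is why Olaf's LOG rules stayed silent. The same holds inbound: a packet socket receives its copy of the DHCPOFFER at the link layer (dhclient attaches a BPF filter for UDP 67 to 68 there), so a DROP policy on INPUT does not stop the client from reading the reply, even though the copy that continues up the IP stack is logged and dropped as usual. Two caveats for anyone relying on this today: nftables' netdev family hooks at the link layer (ingress, and egress on kernels 5.16 and later) and does see these frames; and ISC dhclient sends unicast renewals (DHCPREQUEST in RENEWING state) through an ordinary UDP socket, so those do traverse the normal chains and may need a rule after all.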