Hey there,

I have a problem concerning ipfw and DHCP. I am trying to block DHCP requests which are sent to my host, but the DHCP server replies even though my firewall rule matches.

The firewall rule in my script:

    $cmd 02 deny log ip from any to any bootps keep-state in

which will be translated into:

    deny log logamount 100 ip from any to any dst-port 67 keep-state

The log entry in /etc/security:

    Apr 22 14:41:54 lizard kernel: ipfw: 2 Deny UDP 0.0.0.0:68 255.255.255.255:67 in via fxp1

    lizard# tcpdump -n -i fxp1 broadcast or host 192.168.1.2 and not arp
    tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
    listening on fxp1, link-type EN10MB (Ethernet), capture size 96 bytes
    14:41:54.026011 IP 0.0.0.0.68 > 255.255.255.255.67: BOOTP/DHCP, Request from 00:11:11:94:72:76, length: 548
    14:41:54.026534 IP 192.168.1.1.67 > 255.255.255.255.68: BOOTP/DHCP, Reply, length: 351

The DHCP server sends the client an answer, even though ipfw seems to reject the packet. Is there any way to block the DHCP request from reaching the DHCP server?

    tcpdump version 3.8.3
    isc-dhcp3-server-3.0.2_7
    FreeBSD lizard 5.4-RC2 FreeBSD 5.4-RC2

Best regards,
Thomas Vogt

_______________________________________________
freebsd-ipfw@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-ipfw