And it makes perfect sense only if you can trust your dhcp server (runs chrooted and privilege separated :)
On 1/28/11, Greg Hennessy <greg.henne...@nviz.net> wrote: > Could be talking complete nonsense here, but.... > > IIRC BPF sees all traffic before PF. DHCP hooks at the BPF layer, so it'll > be serviced before any filtering policy applies. > > > Greg > > >> -----Original Message----- >> From: owner-freebsd...@freebsd.org [mailto:owner-freebsd- >> p...@freebsd.org] On Behalf Of Michael >> Sent: 28 January 2011 9:20 AM >> To: freebsd-pf@freebsd.org >> Subject: why "block quick on wlan0" doesn't stop DHCP? >> >> Hello, >> >> Here is my simple rule set: >> >> set loginterface wlan0 >> block log >> block quick on wlan0 >> >> Now I'm booting my 8.1-R box. After it's up and running with pf I'm >> powering on my wireless access point. >> >> After couple seconds my wlan0 is associated and receives it's IP >> address. I don't understand why was it not stopped by pf? >> And how can I tune my rules to be able to control DHCP conversation? >> >> Michael >> _______________________________________________ >> freebsd-pf@freebsd.org mailing list >> http://lists.freebsd.org/mailman/listinfo/freebsd-pf >> To unsubscribe, send any mail to "freebsd-pf-unsubscr...@freebsd.org" > -- Iñigo Ortiz de Urbina Cazenave http://www.twitter.com/ioc32 _______________________________________________ freebsd-pf@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-pf To unsubscribe, send any mail to "freebsd-pf-unsubscr...@freebsd.org"
