Hello, As I set up a Linux box in order to allow firewalling / masquerading with a DHCP client (on Linux, for real Internet address), here follows some bottlenecks, to anyone who wants to set up such a system. First, a little topology of my system, to clarify minds. [ intranet ] ---* eth0 [ Linux box ] eth1 *---> ISP Addresses given from my ISP comes from DHCP. If you want to set up a Firewall, do not forget to allow BOOTP packets to go in/out from your external device (Here it is from eth1), with -I and -O rules; However, no need to forward anything (because it's only for external host). Related ports are 67 and 68, but perhaps someone else can give a better description of which port to enable as input / output. I will not give my settings, because I'm not sure of what I've done (though It seems to work), and I don't want to send security holes here. I suggest that someone else who knows well both Firewalling & DHCP clients replies to this email in this forum. I suggest also this information should be added to the IP-masquerade HOWTO or Firewall-HOWTO. Eric ;-) --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] For daily digest info, email [EMAIL PROTECTED]
