Re: DHCP and Firewall Problem

From: Avery Payne (apayne@pcfruit.com)
Date: 01/02/02


From: "Avery Payne" <apayne@pcfruit.com>
To: "Focus-Linux (E-mail)" <focus-linux@lists.securityfocus.com>
Date: Wed, 2 Jan 2002 13:45:15 -0800


----- Original Message -----
From: "Andrew Hatfield" <andrew@hatfields.com.au>
To: "Focus-Linux (E-mail)" <focus-linux@lists.securityfocus.com>
Sent: Tuesday, January 01, 2002 5:23 PM
Subject: DHCP and Firewall Problem

> I have a site where I am having some troubles working ISC's DHCP with
> iptables.
>
[snip]
>
> what i don't understand is, that if the default policy is DROP but i
> allow all local traffic, why the client's can't get a dhcp assigned
> address. but if i set the default INPUT policy to ACCEPT then it works.
>
> any ideas?

You need to have the DHCP port open for this to work, for BOTH the input and
output policies. I believe the magic number is 67.



Relevant Pages

  • Re: dhclient in 6.0
    ... ...it's worth considering the way it standardizes ... DHCP is worthwhile, learning to do ARP also lets us pick up on Bernard ... I'm not really interested in arguing with either you or ISC's policy, ... Because of the placement of the buffer which might be overflowed, it is unlikely this bug will result in serious consequences, however the possibility of a remotely triggered server crash cannot be ruled out. ...
    (freebsd-stable)
  • Re: Certificate-based DHCP authentication
    ... DHCP was not designed with goal of assigning ... another option would be to build IPSec policy. ... > same IP subnet as our other office PCs. ...
    (microsoft.public.windows.server.security)
  • Assigning Class ID via Group Policy
    ... Can anyone tell me how to set a DHCP Class ID with a Group ... I have created a .bat file that I confirmed works to set the ... I specified it as the logon file to run in group policy ... laptop machine accounts into their own OU. ...
    (microsoft.public.windows.group_policy)
  • Using Group Policy to assign Class ID
    ... Can anyone tell me how to set a DHCP Class ID with a Group ... I have created a .bat file that I confirmed works to set the ... I specified it as the logon file to run in group policy ... laptop machine accounts into their own OU. ...
    (microsoft.public.windows.group_policy)
  • Re: wifi network connection
    ... Chain FORWARD (policy ACCEPT) ... I also tried ifconfig eth1 down and run eth1 by udhcpc, ... I tried to set static IP down and using dhcp client to test dhcp ...
    (Debian-User)