Re: IPCHAINS Question

Brian Ventura Wed, 21 Jun 2000 09:26:48 -0700
   *** From dhcp-server -- To unsubscribe, see the end of this message. ***

Wow, extremely off topic!!  :)  do a tcpdump on your dhcp server and then make
a request to see what the packets are doing.  your ipchains rules are not the
only rules that need work.  You need the linux box to forward dhcp requests
across the router.  Then you have to have ipchains allow this forward.  On a
cisco router, this is called a "dhcp helper address".  Dhcp traffic is all
broadcast messages.  You do not want to allow broadcasts across the router by
default.  Sorry to not provide a solution, but hopefully the info is usefull.

John Chivian wrote:

>    *** From dhcp-server -- To unsubscribe, see the end of this message. ***
>
> Hey All:
>
>    I am setting up a Linux system as a firewall using ipchains and need
> to make the DHCP server traffic available to the trusted network.   I'm
> pretty sure I have six of the seven rules set up correctly but am not
> 100% sure about the other, the fifth of seven, that seems to specify a
> netmask as a source address.
>
>    I know this may be a bit off topic but was wondering if someone could
> set me straight on exactly what addresses are contained in that
> particular communication from server to client.   Or alternately send me
> a copy of working ipchains rules that I can use for reference.
>
>    Thanks, JC
>
> --
>
> John (JC) Chivian
> Site Manager, Information Systems
> Photronics, Inc.
> 601 Millennium Drive
> Allen, Texas   75013
>
> 972 889 6263 direct
> 972 889 6275 main
> 972 889 6339 fax
>
> mailto:[EMAIL PROTECTED]
> mailto:[EMAIL PROTECTED]
> http://www.photronics.com
>
> -- Binary/unsupported file stripped by Listar --
> -- Type: text/x-vcard
> -- File: jchivian.vcf
> -- Desc: Card for John Chivian
>
> -----------------------------------------------------------------------
> List Archives : http://www.isc.org/ml-archives/dhcp-server/
> Unsubscribe   : http://www.isc.org/dhcp-lists.html
> -or-          : mailto:[EMAIL PROTECTED]?Subject=unsubscribe
> -----------------------------------------------------------------------

--
- [EMAIL PROTECTED]
- World's Greatest Speler





-----------------------------------------------------------------------
List Archives : http://www.isc.org/ml-archives/dhcp-server/
Unsubscribe   : http://www.isc.org/dhcp-lists.html    
-or-          : mailto:[EMAIL PROTECTED]?Subject=unsubscribe  
-----------------------------------------------------------------------
Re: IPCHAINS Question

Reply via email to
