> Working on ISC but not dnsmasq reinforces my diagnosis: dhcpd bypasses > iptables for such packets, dnsmasq doesn't.
I have no rules on either of the machines with iptables: root@dns:~# iptables -L Chain INPUT (policy ACCEPT) target prot opt source destination Chain FORWARD (policy ACCEPT) target prot opt source destination Chain OUTPUT (policy ACCEPT) target prot opt source destination root@dns:~# iptables -L -t nat Chain PREROUTING (policy ACCEPT) target prot opt source destination Chain INPUT (policy ACCEPT) target prot opt source destination Chain OUTPUT (policy ACCEPT) target prot opt source destination Chain POSTROUTING (policy ACCEPT) target prot opt source destination On Wed, 15 Apr 2020 at 00:35, Simon Kelley <si...@thekelleys.org.uk> wrote: > > > On 14/04/2020 18:51, Josh H wrote: > > Hi there, > > > > I'm receiving no DHCPOffer back from my DHCPDiscover. However, I can > > tcpdump the machine running dnsmasq and it is receiving the DHCPOffer > > packets. > > > > Here's my very very simple dnsmasq.conf > > # To disable dnsmasq's DNS server functionality. > > port=0 > > > > # To enable dnsmasq's DHCP server functionality. > > dhcp-range=192.168.1.3,192.168.1.8,255.255.255.240,12h > > > > # Set gateway as Router. Following two lines are identical. > > #dhcp-option=option:router,192.168.0.1 > > dhcp-option=3,192.168.0.1 > > > > # Set DNS server as Router. > > dhcp-option=6,192.168.0.1 > > > > # Logging. > > log-facility=/var/log/dnsmasq.log # logfile path. > > log-async > > log-queries # log queries. > > log-dhcp # log dhcp related messages. > > > > Here's the contents of /var/log/dnsmasq.log after running dhclient on a > > machine connected to the subnet: > > Apr 14 18:36:57 dnsmasq[1702]: started, version 2.80 DNS disabled > > Apr 14 18:36:57 dnsmasq[1702]: compile time options: IPv6 GNU-getopt > > DBus i18n IDN DHCP DHCPv6 no-Lua TFTP conntrack ipset auth DNSSEC > > loop-detect inotify dumpfile > > Apr 14 18:36:57 dnsmasq-dhcp[1702]: DHCP, IP range 192.168.1.3 -- > > 192.168.1.8, lease time 12h > > > > So, nothing logged indicating that the DHCPDiscover has been recieved? > If not, my guess would be an iptables rules blocking incoming packets > sent to 255.255.255.255. > > > I can see the service running with netstat -anp4: > > Active Internet connections (servers and established) > > Proto Recv-Q Send-Q Local Address Foreign Address > > State PID/Program name > > udp 0 0 0.0.0.0:67 <http://0.0.0.0:67/> > > 0.0.0.0:* 1702/dnsmasq > > udp 0 0 0.0.0.0:1701 <http://0.0.0.0:1701/> > > 0.0.0.0:* 1607/xl2tpd > > > > There are no firewalls setup anywhere on my network for the moment. I > > have been able to get isc-dhcp-server to successfully allocate DHCP > > requests just fine however, so I don't think it's anything broken with > > DHCP in general. I'm running Linux kernel 5.6.2 and using dnsmasq from > > Debian Bullseye. > > Working on ISC but not dnsmasq reinforces my diagnosis: dhcpd bypasses > iptables for such packets, dnsmasq doesn't. > > > > Cheers, > > Simon. > > > > > > Hopefully someone can work out my issue! > > Thank you very much! > > > > _______________________________________________ > > Dnsmasq-discuss mailing list > > Dnsmasq-discuss@lists.thekelleys.org.uk > > http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss > > > > _______________________________________________ > Dnsmasq-discuss mailing list > Dnsmasq-discuss@lists.thekelleys.org.uk > http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss >
_______________________________________________ Dnsmasq-discuss mailing list Dnsmasq-discuss@lists.thekelleys.org.uk http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss