I have a site where I am having some troubles working ISC's DHCP with
iptables.

RedHat 7.1
kernel 2.4.10 with grsecurity and ipsec
dhcp - 2.0pl5-4

I start ipsec last


I set the default policy for INPUT to DROP and have the following...

ACCEPT          icmp --  anywhere                anywhere
ACCEPT          all  --  localoffice/24          anywhere
ACCEPT          all  --  localhost.localdomain   anywhere
mail            all  --  anywhere                anywhere
other_services  all  --  anywhere                anywhere
dns             all  --  anywhere                anywhere
ipsec           all  --  anywhere                anywhere
ACCEPT          gre  --  anywhere                anywhere


What I don't understand is why, if the default policy is DROP but I
allow all local traffic, the clients can't get a DHCP-assigned
address. But if I set the default INPUT policy to ACCEPT, then it works.


Any ideas?


  -- 
  Andrew Hatfield 
  RedHat Certified Engineer
  Head - Internet Security Division 
  Hatfield & Associates Pty. Ltd. 
  Phone : +61 7 3849 7155 
  Fax     : +61 7 3849 6277 
  Email  : [EMAIL PROTECTED] 
  Web    : http://www.hatfields.com.au/ 
