I'm using isc dhcp. The default policy is to deny everything. IPFilter is
stopping the lease renewal but it is expected behavior. I want to let the
machine send the renewal request and receive a response. But I'm not sure
how to filter it.
pass out on tlp0 proto udp from 0.0.0.0 port = bootpc to any \
port = bootps keep state
Is the above valid, legal and the way to go?
Thanks much!
Steven
-----Original Message-----
From: Darren Reed [mailto:[EMAIL PROTECTED]
Sent: Saturday, December 04, 2004 11:22 AM
To: Steven Miller
Cc: [EMAIL PROTECTED]
Subject: Re: filtering dhcp....
In some email I received from Steven Miller, sie wrote:
> Can someone give a quick working example for filtering dhcp lease
renewals?
> The initial query and setup happens before ipf comes up. It's just the
> renewal that I having a problem with!
Be wary of expecting to be able to use ipfilter to control dhcp packet
flows as often the programs involved use the NIC directly and don't use
the normal path that IP packets take to get in/out of the system.
Or are you saying that IPFilter is stopping the lease renewals ?
Darren
