I have a single rule on my tower routers that drops udp source port 67 with an IN interface of bridgeLAN which is the bridge my APs are in and also the bridge my DHCP server runs. Works a treat.
-Ty On Mar 3, 2014 5:23 PM, "Josh Luthman" <[email protected]> wrote: > Canopy can certainly block bootp servers and let the client pull DHCP. > They broke it out I think late v9 or early v10? The idea that it works on > egress/ingress makes sense. That can't be done on a bridged MT/AirOS can > it? > > > Josh Luthman > Office: 937-552-2340 > Direct: 937-552-2343 > 1100 Wayne St > Suite 1337 > Troy, OH 45373 > > > On Mon, Mar 3, 2014 at 6:05 PM, Bill Prince < > [email protected]> wrote: > > > There are both. Pick either/or both or neither. > > > > bp > > > > > > On 3/3/2014 2:16 PM, Eric Muehleisen wrote: > > > >> I thought that all the filter does in the SM is block bootp server (port > >> 67) egress. But it allows bootp client (port 68) ingress. > >> > >> > >> On Mon, Mar 3, 2014 at 3:38 PM, Josh Luthman < > [email protected] > >> >wrote: > >> > >> Is this possible with a layer 3 firewall? In a packet capture it > doesn't > >>> really look possible due to the broadcast nature of it, but I thought > I'd > >>> ask. > >>> > >>> It's doable in Canopy, but I wonder how it's actually being done. > >>> > >>> Josh Luthman > >>> Office: 937-552-2340 > >>> Direct: 937-552-2343 > >>> 1100 Wayne St > >>> Suite 1337 > >>> Troy, OH 45373 > >>> -------------- next part -------------- > >>> An HTML attachment was scrubbed... > >>> URL: < > >>> http://mail.butchevans.com/pipermail/mikrotik/ > >>> attachments/20140303/fc6e1742/attachment.html > >>> _______________________________________________ > >>> Mikrotik mailing list > >>> [email protected] > >>> http://mail.butchevans.com/mailman/listinfo/mikrotik > >>> > >>> Visit http://blog.butchevans.com/ for tutorials related to Mikrotik > >>> RouterOS > >>> > >>> -------------- next part -------------- > >> An HTML attachment was scrubbed... > >> URL: <http://mail.butchevans.com/pipermail/mikrotik/ > >> attachments/20140303/32e01882/attachment.html> > >> _______________________________________________ > >> Mikrotik mailing list > >> [email protected] > >> http://mail.butchevans.com/mailman/listinfo/mikrotik > >> > >> Visit http://blog.butchevans.com/ for tutorials related to Mikrotik > >> RouterOS > >> > >> > > _______________________________________________ > > Mikrotik mailing list > > [email protected] > > http://mail.butchevans.com/mailman/listinfo/mikrotik > > > > Visit http://blog.butchevans.com/ for tutorials related to Mikrotik > > RouterOS > > > -------------- next part -------------- > An HTML attachment was scrubbed... > URL: < > http://mail.butchevans.com/pipermail/mikrotik/attachments/20140303/636b9e4b/attachment.html > > > _______________________________________________ > Mikrotik mailing list > [email protected] > http://mail.butchevans.com/mailman/listinfo/mikrotik > > Visit http://blog.butchevans.com/ for tutorials related to Mikrotik > RouterOS > -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://mail.butchevans.com/pipermail/mikrotik/attachments/20140303/7a3d74dd/attachment.html> _______________________________________________ Mikrotik mailing list [email protected] http://mail.butchevans.com/mailman/listinfo/mikrotik Visit http://blog.butchevans.com/ for tutorials related to Mikrotik RouterOS
