On Wed, Mar 10, 2021 at 08:40:55PM +0100, da...@hajes.org wrote:
> Hi,
>
> I did set up OpenBSD router/firewall on PC Engines APU4d4 box.
>
> First interface is WAN that connects to Internet.
>
> Remaining three interfaces are bridged with bridge0 via vether0.
>
> firewall doesn't block LAN/bridge traffic on vether0.
>
> DHCPD runs on bridge.
>
> Two Linux hosts (connected to em2 and em3) connect without problem but
> Windows host DHCP requests are blocked on em1.
>
> I didn't find any info regarding pf and bridging.

Please check bridge(4) manpage, especially the NOTES section.

> set skip on lo0
> set skip on bridge0

This line is useless. Packets never show up on bridge0.
You need to add the physical interfaces and vether0 to your ruleset.

> So far I have found a kludge for Windows "set skip on em1"
>
> Once, above by line is present in pf.conf, Win 10 host is allowed to acquire
> IP address. Interesting is that Linux has no issues to acquire IP addresses
> via DHCP.
>
> Any suggestions, please?

You need to fix your pf.conf.

> Is it something screwed up in Windows such as short 3-way-handshake?

I doubt it. Your ruleset is most probably not allowing packets to pass
properly over the bridge. Since you did not share your pf.conf file it is
impossible to give you a better answer.

-- 
:wq Claudio
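
The layout the reply points to, as an added example that is not part of the original thread and not the poster's pf.conf (which was never shared). It assumes em0 is the WAN interface and that filtering is done on vether0 only; the macro names and the rules themselves are illustrative.

```conf
# pf.conf sketch for a bridge of em1/em2/em3 with vether0 as the routed LAN interface.
# Assumption: em0 is the WAN port (the thread only says "first interface").

wan_if      = "em0"
lan_if      = "vether0"
lan_members = "{ em1 em2 em3 }"   # bridge member ports named in the thread

set skip on lo0
# "set skip on bridge0" is dropped: bridged packets are never seen on bridge0,
# so the line has no effect.

# Default deny. Logging the drops lets you see which interface blocked a packet:
#   tcpdump -n -e -ttt -i pflog0
block log all

# Bridged packets are filtered on the member ports: once inbound on the port
# they arrive on, once outbound on every port they are forwarded to.
# Pass them here and do the real filtering on vether0, instead of a one-off
# "set skip on em1" for a single host.
pass on $lan_members

# DHCP requests from clients that have no address yet (0.0.0.0 -> broadcast).
pass in on $lan_if inet proto udp from any port 68 to any port 67

# Traffic from the LAN to the router and beyond, and the router's replies.
pass in  on $lan_if from $lan_if:network
pass out on $lan_if

# Outbound to the Internet with NAT.
pass out on $wan_if inet from $lan_if:network nat-to ($wan_if)
```

Check the syntax with `pfctl -nf /etc/pf.conf` before loading it.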