Re: IPFW and DHCPD

2003-01-27 Thread Steve Bertrand
$cmd allow 00010 udp from any to me 67 in via $iif $cmd allow 00020 udp from me 68 to any out via $iif Assuming that $iif is your interface and that dhcpd is running on the dhcpd server. Steve Warren Block wrote: Can someone post a set of ipfw rules to allow DHCP to work on the inside

Re: IPFW and DHCPD

2003-01-27 Thread Warren Block
On Mon, 27 Jan 2003, Bill Moran wrote: This is crazy. There is no sane way that anyone can give you rules for this without knowing the rest of your firewall rules. Amoung other things, _where_ you place the rules in the list, and what other rules that may match DCHP traffic are critical to

IPFW and DHCPD

2003-01-26 Thread Warren Block
Can someone post a set of ipfw rules to allow DHCP to work on the inside interface, something that would work in the context of the SIMPLE example in /etc/rc.firewall? I've got too many variables to tell if I've got a working set of rules and non-working dhcpd, or the other way around. Thanks!

RE: IPFW and DHCPD

2003-01-26 Thread Brian McCann
it. Hope that helps. --Brian -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Warren Block Sent: Sunday, January 26, 2003 10:58 PM To: [EMAIL PROTECTED] Subject: IPFW and DHCPD Can someone post a set of ipfw rules to allow DHCP to work on the inside

RE: IPFW and DHCPD

2003-01-26 Thread Warren Block
On Sun, 26 Jan 2003, Brian McCann wrote: You need to allow UDP ports 6768 for full DHCP support, in both directions...so ipfw add allow any 67 to any any via int out ipfw add allow any 67 to any any via int in ipfw add allow any 68 to any any via int out ipfw add allow any 68 to any

Re: IPFW and DHCPD

2003-01-26 Thread James Long
On Sun, Jan 26, 2003 at 08:58:08PM -0700, Warren Block wrote: Can someone post a set of ipfw rules to allow DHCP to work on the inside interface ipfw add allow udp from any 67-68 to any via ${iif} for some value of iif To Unsubscribe: send mail to [EMAIL PROTECTED] with unsubscribe

Re: IPFW and DHCPD

2003-01-26 Thread James Long
On Sun, Jan 26, 2003 at 10:00:27PM -0700, Warren Block wrote: ${fwcmd} add pass udp from any 67,68 to any via ${iif} But I'm not seeing any counts on that rule when a notebook client tries for a DHCP lease, and the client never gets a lease. What deny rules do you have above that point in

Re: IPFW and DHCPD

2003-01-26 Thread Bill Moran
Warren Block wrote: On Sun, 26 Jan 2003, Brian McCann wrote: You need to allow UDP ports 6768 for full DHCP support, in both directions...so ipfw add allow any 67 to any any via int out ipfw add allow any 67 to any any via int in ipfw add allow any 68 to any any via int out ipfw add allow