Hi, my dhcp configuration seems to be somewhat off:

1) I don't put dhcp on any interface, however, there is no problem starting dhcp client on my net interfaces eth0, eth1

2) shorewall isn't "started" on eth0 because it detected there was no IP

3) When I plug in the network cable I guess netfilter isn't fully limiting eth0?

4) At some point during the interface coming up, one stray packet from dhcp port 67, to my net ip port=68 arrives. This is then forwarded and appears to try and exit via the next entry in my default routing table (the route makes sense, but not why the packet is being forwarded when its destination is the eth0 ip?)

5) Once the interface is up, my scripts start "shorewall enable eth0" and at this point I can't repro the effect from outside using netcat...

I'm kind of stumped on the details here. How should I configure shorewall so that it does restrict this interface listed as optional, which is down at shorewall start?

Also how to block the stray packet which is bringing up my demand dial ppp link? I can see it on the forward chain, but I'm stumped figuring out how I should set a rule to target that?

Any thoughts on why my stack tries to forward this one packet (addressed to the new eth0 ip)?

Thanks

Ed W
