It's bad production practice... but for testing things such as this I generally put "* * * * * *" rules on all afflicted interfaces with logging so I can see what traffic is being passed.
Tim Nelson Systems/Network Support Rockbochs Inc. (218)727-4332 x105 ----- "Dominik Schips" <[email protected]> wrote: > Hello, > > Am Mittwoch, den 21.01.2009, 19:49 +0100 schrieb Dominik Schips: > > Hi, > > > > Am Mittwoch, den 14.01.2009, 23:06 -0500 schrieb Chris Buechler: > > > On Wed, Jan 14, 2009 at 4:22 AM, Dominik Schips <[email protected]> > wrote: > > > > > Are you seeing blocks in your firewall logs? Your DHCP requests > are > > > not going to be sourced from your LAN subnet, so I'm guessing > they're > > > being blocked. > > This is the output if I request an IP with the LAN1 interface wich is > brideged to LAN > > Jan 22 18:28:48 LAN1 0.0.0.0:68 255.255.255.255:67 UDP > > Jan 22 18:28:48 BRIDGE0 0.0.0.0:68 255.255.255.255:67 UDP > > Jan 22 18:28:48 LAN1 0.0.0.0:68 255.255.255.255:67 UDP > > Jan 22 18:28:36 LAN1 0.0.0.0:68 255.255.255.255:67 UDP > > Jan 22 18:28:36 BRIDGE0 0.0.0.0:68 255.255.255.255:67 UDP > > Jan 22 18:28:36 LAN1 0.0.0.0:68 255.255.255.255:67 UDP > > Jan 22 18:28:28 LAN1 0.0.0.0:68 255.255.255.255:67 UDP > > Jan 22 18:28:28 BRIDGE0 0.0.0.0:68 255.255.255.255:67 UDP > > Jan 22 18:28:28 LAN1 0.0.0.0:68 255.255.255.255:67 UDP > > Jan 22 18:28:20 LAN1 0.0.0.0:68 255.255.255.255:67 UDP > > Jan 22 18:28:20 BRIDGE0 0.0.0.0:68 255.255.255.255:67 UDP > > Jan 22 18:28:20 LAN1 0.0.0.0:68 255.255.255.255:67 UDP > > Jan 22 18:28:12 LAN1 0.0.0.0:68 255.255.255.255:67 UDP > > Jan 22 18:28:12 BRIDGE0 0.0.0.0:68 255.255.255.255:67 UDP > > Jan 22 18:28:12 LAN1 0.0.0.0:68 255.255.255.255:67 UDP > > > Here is my rule for LAN1: > > Proto Source Port Destination Port Gateway > * LAN1 net * * * * > > What kind of rule do I need to allow a correct request for LAN1 / > BRIDGE0 ? > > I tried > > * * * LAN1 net * * > > but this doesn't solve the problem. > > Any idee to get the BRIDGE0 talk to LAN1 and let it request a IP? > > > Regards > > Dominik > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [email protected] > For additional commands, e-mail: [email protected] > > Commercial support available - https://portal.pfsense.org --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected] Commercial support available - https://portal.pfsense.org
