For your dhpc, just setup "dhcp" option in the interfaces files. For private address, you'll probably have to dig the shorewall doc a little, but i bet you this have already been addresses somehow.
JeF On Sat, Sep 14, 2002 at 01:38:25AM +0200, Robert Ian Smit wrote: > I setup a machine for my parents that is basically the gateway > system to the internet. It is connected on eth0 to a cable modem > using DHCP. The system has Shorewall installed. > > Everything works, but I noticed an enormous amount of logging by > Shorewall concerning rfc1918 drops. Since I am not very familiar > with DHCP I have to make some assumptions. > > Their isp uses 172.31.254.133 as DHCP server. > > The cable modem has an address in the range of 10.144.xxx.xxx. > > Again the setup has just worked, but I want to reduce the logging of > Shorewall to these "known" destinations. > > Since I can imagine why a DHCP-client would like to talk to the > server I have allowed the server ips packets to pass. > > But why is the modem talking to the dhcp-client (or I assume it is > trying to do that). Since the isp tells me that the modem ip is > dynamic, I will have to assume that just allowing one ip in the > 10.144.xxx.xxx range is not enough. > > Is it safe or recommended to open up a wide range of rfc1918 ips? I > could ofcourse also have the packets dropped silently, but now I > know about this, I am not sure that blocking traffic with regards to > DHCP is smart. > > Bob > > > > -- > To UNSUBSCRIBE, email to [EMAIL PROTECTED] > with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED] -- -> Jean-Francois Dive --> [EMAIL PROTECTED] There is no such thing as randomness. Only order of infinite complexity. - _The Holographic Universe_, Michael Talbot
