On Thu, Mar 21, 2002 at 01:00:51PM +0100, Daniel Kobras wrote: > On Thu, Mar 21, 2002 at 10:31:02AM +0000, Karl E. Jorgensen wrote: > > The firewalling I have in place only allows incoming connections for > > ssh. UDP is locked down so only DNS works there. And by mistake (fixed > > now), > > it also allowed incoming DHCP requests from the internet. > > Careful here. The first DHCP request from a freshly booted machine > doesn't carry a local IP address (but either 0.0.0.0 or random crap). > So make sure you don't filter by IP address, but by interface at most.
Yep. My mistake was just to filter by protocol + port number, and ignoring the interface. By now I have found that I only have dhcpd listening on eth0 (my internal network). Which means that dhcpd was completely irrelevant here. Sorry about the wild goosechase. -- Karl E. Jørgensen [EMAIL PROTECTED] www.karl.jorgensen.com ==== Today's fortune: * JHM wonders what Joey did to earn "I'd just like to say, for the record, that Joey rules." -- Seen on #Debian
pgpFHPWAoonVr.pgp
Description: PGP signature