Does your config file support a DHCP server that only serves dynamic IPs for the internal network (e.g. eth1), while blocking the external network (e.g. eth0)? For MS clients, I believe that 255.255.255.255 needs to be open for MS$ clients; does your firewall config file support this functionality?
When I configured a FW manually, the following worked for serving/blocking:

    iptables -A INPUT -i eth1 -p tcp --sport 68 --dport 67 -j ACCEPT
    iptables -A INPUT -i eth1 -p udp --sport 68 --dport 67 -j ACCEPT

Any advice is much appreciated.