Hi,
Has anybody ever figured out the trick to getting Jumpstart to work
when ipfilter is running? I always have to drop my ipfilter rules
on my Jumpstart server for the client (netboot) system to be able to
get going. I did some snoop action, and I saw multicast and broadcast
stuff going by (without ipfilter in the way), so I added the
following to my ruleset:

    block in all
    block out all
    #---take anything in/out via multicast and broadcast for Jumpstart
    pass in from 255.255.255.255 to 137.146.28.80
    pass out from 137.146.28.80 to 255.255.255.255
    pass in from 224.0.0.0/3 to 137.146.28.80
    pass out from 137.146.26.80 to 224.0.0.0/3

where 137.146.26.80 is the IP of the host (Jumpstart server).
What's the trick?
Jeff Earickson
Colby College