Jeff A. Earickson wrote:
Hi,

Has anybody ever figured out the trick to getting Jumpstart to work when ipfilter is running? I always have to drop my ipfilter rules on my Jumpstart server for the client (netboot) system to be able to get going. I did some snoop action, and I saw multicast and broadcast stuff going by (without ipfilter in the way), so I added the following to my ruleset:

    block in all
    block out all
    #---take anything in/out via multicast and broadcast for Jumpstart
    pass in from 255.255.255.255 to 137.146.28.80
    pass out from 137.146.28.80 to 255.255.255.255
    pass in from 224.0.0.0/3 to 137.146.28.80
    pass out from 137.146.26.80 to 224.0.0.0/3

where 137.146.26.80 is the IP of the host (Jumpstart server).

I don't think the multicast is needed, but you need to be able to talk to broadcast, as well as basically allow anyone at all to give you DHCP/Bootp requests (depending on which you use). Then there's the joyousness of getting NFSv3 through a firewall.
Start by figuring out which step is breaking: bootp? dhcp? tftp? nfs?

--
Phil Dibowitz [EMAIL PROTECTED]
Freeware and Technical Pages   Insanity Palace of Metallica
http://www.phildev.net/   http://www.ipom.com/

"Be who you are and say what you feel, because those who mind don't matter and those who matter don't mind."
- Dr. Seuss
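
One way to find which step is breaking, as suggested in the reply above (an added example, not part of the original thread): count the packets ipfilter blocked, grouped by netboot stage. It assumes blocked packets are being logged and that the log lines follow the ipmon-style layout shown in the constructed sample; the function name, sample lines and 192.0.2.x addresses are hypothetical.

```python
import re
from collections import Counter

# Well-known ports for the stages named in the reply. TFTP data replies and
# NFSv3 helpers such as mountd use ephemeral or dynamic RPC ports, so traffic
# that matches no port here is reported as "other" and needs a closer look.
STAGE_BY_PORT = {67: "bootp/dhcp", 68: "bootp/dhcp", 69: "tftp",
                 111: "rpcbind", 2049: "nfs"}

# Assumed layout: "... @group:rule action src,port -> dst,port PR proto ..."
LINE_RE = re.compile(
    r"@\d+:\d+\s+(?P<action>\S+)\s+"
    r"(?P<src>[\d.]+),(?P<sport>\d+)\s+->\s+"
    r"(?P<dst>[\d.]+),(?P<dport>\d+)\s+PR\s+(?P<proto>\w+)")

# Constructed sample: server 192.0.2.10, netboot client 192.0.2.50.
SAMPLE_LOG = [
    "10/03/2005 14:22:31.100000 hme0 @0:1 b 0.0.0.0,68 -> 255.255.255.255,67 PR udp len 20 328 IN",
    "10/03/2005 14:22:35.200000 hme0 @0:1 b 0.0.0.0,68 -> 255.255.255.255,67 PR udp len 20 328 IN",
    "10/03/2005 14:22:40.300000 hme0 @0:5 p 192.0.2.50,32771 -> 192.0.2.10,69 PR udp len 20 60 IN",
    "10/03/2005 14:22:41.400000 hme0 @0:2 b 192.0.2.10,32790 -> 192.0.2.50,32771 PR udp len 20 544 OUT",
    "10/03/2005 14:22:50.500000 hme0 @0:1 b 192.0.2.50,1022 -> 192.0.2.10,2049 PR tcp len 20 48 -S IN",
]

def blocked_stages(lines):
    """Count blocked packets per netboot stage from ipmon-style log lines."""
    counts = Counter()
    for line in lines:
        m = LINE_RE.search(line)
        if not m or m.group("action") != "b":  # "b" marks a blocked packet
            continue
        # Check the destination port first, then the source port.
        ports = (int(m.group("dport")), int(m.group("sport")))
        stage = next((STAGE_BY_PORT[p] for p in ports if p in STAGE_BY_PORT),
                     "other")
        counts[stage] += 1
    return counts

if __name__ == "__main__":
    for stage, n in blocked_stages(SAMPLE_LOG).most_common():
        print(f"{stage:12} {n} blocked")
```

In the sample, the client's DHCP broadcasts from 0.0.0.0 are blocked, which neither of the `pass in` rules quoted above would match, and the "other" hit is a server reply from an ephemeral port.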
