On Sun, 21 Jul 2002, Paul M. Wright, Jr. wrote: > > > Thanks for the answer! In the interim, I had double-checked my firewall > logs and my ISP's DHCP server is now on a private IP address - hence my > lack of problems with the noRFC1918 option. DHCP assignments are now > coming from a 172.19.x.x rather than a 172.16.x.x as they were before. >
172.19.xx is also reserved by RFC 1918 -- range is 172.16.0.0 - 172.31.255.255. > I was wondering, though, about the effect of the initial default > statement in the Shorewall RFC1918 configuration file that permits > broadcasts > 255.255.255.255 RETURN > > Wouldn't that also affect DHCP somehow? > It's essential if you are running an DHCP server. There's one other wierd DHCP case that you may see. Linux boxes with two interfaces will often use the IP of interface A as a source address when trying to get an IP address on interface B. This obviously can cause problems if the server is blocking packets with RFC 1918 source addresses. -Tom -- Tom Eastep \ Shorewall - iptables made easy AIM: tmeastep \ http://www.shorewall.net ICQ: #60745924 \ [EMAIL PROTECTED] ------------------------------------------------------- This sf.net email is sponsored by:ThinkGeek Welcome to geek heaven. http://thinkgeek.com/sf ------------------------------------------------------------------------ leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html