Hello all--
My logs are filling up with what I believe are broadcast dhcp requests:

Packet log: input REJECT eth0 PROTO=17 24.2.2.70:67 255.255.255.255:68 L=356 S=0x00 I=28315 F=0x0000 T=250 (#6)

So I decided to add an ipchains rule that would drop those requests and NOT
log them:

# Deny DHCP broadcasts and don't log
ipchains -A input -p udp -s 0.0.0.0/0 68 -i $extint -j DENY

The above line is part of the input section of my rc.firewall script, as shown
below (blatantly stolen from the HOWTO):

ipchains -F input
ipchains -P input REJECT
# Local interface, local machines, going anywhere is valid
ipchains -A input -i $intint -s $intnet -d 0.0.0.0/0 -j ACCEPT
# Remote interface, claiming to be local machines, IP spoofing, get lost
ipchains -A input -i $extint -s $intnet -d 0.0.0.0/0 -l -j REJECT
# Deny DHCP broadcasts and don't log
ipchains -A input -p udp -s 0.0.0.0/0 68 -i $extint -j DENY
# Remote interface, any source, going to permanent PPP address is valid
ipchains -A input -i $extint -s 0.0.0.0/0 -d $extip/32 -j ACCEPT
# Loopback interface is valid
ipchains -A input -i lo -s 0.0.0.0/0 -d 0.0.0.0/0 -j ACCEPT
# Catchall rule, all other incoming is denied and logged
ipchains -A input -s 0.0.0.0/0 -d 0.0.0.0/0 -l -j REJECT

Yet still the logs fill up with these DHCP requests.  What am I missing?

Stephen
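
One way to check a logged packet against a rule's protocol and port spec, using the log line and the DENY rule from the message above. This is an added example, not part of the original post; the function names parse_log and check_rule are made up for it, and the destination-port spec is a hypothetical variant shown only for comparison.

```shell
#!/bin/sh
# Log line as quoted in the post (rejoined onto one line).
LOG='Packet log: input REJECT eth0 PROTO=17 24.2.2.70:67 255.255.255.255:68 L=356 S=0x00 I=28315 F=0x0000 T=250 (#6)'

# Split an ipchains "Packet log:" line and print: proto sport dport rule
# Layout: Packet log: CHAIN TARGET IFACE PROTO=n SRC:SPORT DST:DPORT ... (#RULE)
parse_log() {
    read -r w1 w2 chain target iface proto src dst rest <<EOF
$1
EOF
    proto=${proto#PROTO=}      # IP protocol number (17 = UDP)
    sport=${src##*:}           # port after the source address
    dport=${dst##*:}           # port after the destination address
    rule=${rest##*#}           # "(#6)" -> "6)"
    rule=${rule%\)}            # number of the rule that logged the packet
    echo "$proto $sport $dport $rule"
}

# Compare the packet in a log line with a rule's protocol and port spec.
# Arguments: LOGLINE PROTO SPORT DPORT, where "any" means "not specified".
# Prints "match" or the first field that differs.
check_rule() {
    want_proto=$2; want_sport=$3; want_dport=$4
    set -- $(parse_log "$1")   # now $1=proto $2=sport $3=dport $4=rule
    if [ "$want_proto" != any ] && [ "$want_proto" != "$1" ]; then
        echo "no match: protocol $1, rule wants $want_proto"
    elif [ "$want_sport" != any ] && [ "$want_sport" != "$2" ]; then
        echo "no match: source port $2, rule wants $want_sport"
    elif [ "$want_dport" != any ] && [ "$want_dport" != "$3" ]; then
        echo "no match: destination port $3, rule wants $want_dport"
    else
        echo "match"
    fi
}

echo "parsed (proto sport dport rule): $(parse_log "$LOG")"
# Rule as posted: -p udp -s 0.0.0.0/0 68  => UDP (17), source port 68
echo "posted rule:      $(check_rule "$LOG" 17 68 any)"
# Hypothetical variant: -p udp -d 0.0.0.0/0 68  => UDP, destination port 68
echo "dest-port variant: $(check_rule "$LOG" 17 any 68)"
```

The parsed rule number 6 corresponds to the sixth rule in the posted input chain, the catchall REJECT with logging.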
