On Thu, Feb 12, 2004 at 10:36:27PM -0800, Jason wrote:
> Hi,
> 
> I'm new to the list, and fairly new to OpenBSD (installed maybe 6 months ago).  
> Anyway, I have a question.  Is there any way to get PF to stop arp requests 
> from passing through it?  The problem I'm having is dhcp requests from 
> Windows XP are squeezing by.  dhclient on Linux seems to not work (which is 
> good).
> 
> Here's my setup:
> 
> I have two interfaces, rl0 and rl1.  rl1 is my wireless.  rl0 is my internal.  
> I have dhcpd listening on both interfaces.  My test pf rules are:
> 
> block in all
> block out all
> 
> So nothing should get in or out.  period.  right?  Well, when I do an 
> ipconfig /renew on Windows XP (wireless), it gets an IP address from dhcpd!  
> And I know it came from my server because looking at /var/log/daemon confirms 
> it (plus it's the only one on the network).  Is this the expected behavior? Or 
> am I missing something here?

This is the expected behaviour.
 
> I did a tcpdump on rl1, and it was just a bunch of mac addresses talking back 
> and forth.

This is exactly how dhcpd sees those packets. It uses bpf, just like tcpdump,
to capture packets from the interface. This is why pf is unable to
block it. You can work around this with dhcp configuration as you
already noted.

Can
