Re: [Leaf-user] ISP DHCP server is on RFC1918 address
I have a curious and annoying problem. I am on a cable modem system for which the DHCP server apparently sits at a private IP address 10.0.48.1 although the system address is 68.2.x.x . The annoyance is that my logs fill up with the following message: Apr 4 21:04:55 gwrouter kernel: Packet log: input DENY eth0 PROTO=17 10.48.0.1:67 255.255.255.255:68 L=334 S=0x00 I=42391 F=0x T=255 (#50) What would be the best way to handle this in the firewall rules (I'm running Dachstein v1.02)? Actually, this is probably a Windows system nearby on your cable-modem network leaking internal traffic to the external network. Regardless, you can stop this garbage from filling your logs with: SILENT_DENY=udp_10.48.0.1_68 Charles Steinkuehler http://lrp.steinkuehler.net http://c0wz.steinkuehler.net (lrp.c0wz.com mirror) ___ Leaf-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user
Re: [Leaf-user] ISP DHCP server is on RFC1918 address
Paul: Heya. This looks to me like a DHCP reply as well (checkout http://www.echogent.com/cgi-bin/fwlog.pl to see). I think RFC-1542 indicates that port-68 is where DHCP (aka, BOOTP) replies must sent *to*, and DHCP servers send them from port 67. Though I bet elsewhere in your logs, you are seeing your neighbor's initial DHCP requests as well (they'll originate from port-68, destined for port-67). Anyhow. To get these to stop, try the echowall.lrp firewall scripts for Dachstein. You can find it on the LEAF site, or via Freshmeat.net. When I first wrote them, I was on an ATT@Home cable-modem system that used DHCP. cheers, Scott I have a curious and annoying problem. I am on a cable modem system for which the DHCP server apparently sits at a private IP address 10.0.48.1 although the system address is 68.2.x.x . The annoyance is that my logs fill up with the following message: Apr 4 21:04:55 gwrouter kernel: Packet log: input DENY eth0 PROTO=17 10.48.0.1:67 255.255.255.255:68 L=334 S=0x00 I=42391 F=0x T=255 (#50) What would be the best way to handle this in the firewall rules (I'm running Dachstein v1.02)? thanks! paul Paul M. Wright, Jr. McKay Technologies making technology play nice... ___ Leaf-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user
[Leaf-user] ISP DHCP server is on RFC1918 address
I have a curious and annoying problem. I am on a cable modem system for which the DHCP server apparently sits at a private IP address 10.0.48.1 although the system address is 68.2.x.x . The annoyance is that my logs fill up with the following message: Apr 4 21:04:55 gwrouter kernel: Packet log: input DENY eth0 PROTO=17 10.48.0.1:67 255.255.255.255:68 L=334 S=0x00 I=42391 F=0x T=255 (#50) What would be the best way to handle this in the firewall rules (I'm running Dachstein v1.02)? thanks! paul Paul M. Wright, Jr. McKay Technologies making technology play nice... ___ Leaf-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user