Re: [leaf-user] RE: Stopping DHCPD logging
On Friday 17 January 2003 11:37, Brock Nanson wrote: The correct solution is to specify the 'dhcp' in /etc/shorewall/interfaces for the interface(s) being served by dhcpd. I haven't done this. I'll try it. So far, it seems to be doing its thing. It's gone for 10 minutes without logging a message (whereas it used to do it evert minute before). As for the DHCPD leases... there are a few things that I left out of my original mail. My really big bad. -Two of the machines on my interface are actually statically issued based on the MAC address using the host option. So if I for-sure wanted it to stop, I could change all of my machines that use the static IP to... well, a static IP. However I don't want to do this because I often swap around the network connections on my machines and it's easier to handle the changes if you use DHCP. As for the leases, I had a max lease of 2 weeks but no default lease specified. That will likely make a difference as well. -I am using Bering, so everything that Brock and Tom said has been applicable so far. I have a feeling that the problem will go away now. Thanks everyone! -- -- Arcana Dreams may be in sleep, or may occur waking. In all cases, listen to your dreams. --- This SF.NET email is sponsored by: Thawte.com - A 128-bit supercerts will allow you to extend the highest allowed 128 bit encryption to all your clients even if they use browsers that are limited to 40 bit encryption. Get a guide here:http://ads.sourceforge.net/cgi-bin/redirect.pl?thaw0030en leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
Re: [leaf-user] RE: Stopping DHCPD logging
--On Friday, January 17, 2003 8:37 AM -0800 Brock Nanson [EMAIL PROTECTED] wrote: --On Thursday, January 16, 2003 4:52 PM -0800 Brock Nanson [EMAIL PROTECTED] wrote: Googling suggested that this was a firewall issue so I played about with that for a while - finally got it to stop by adjusting the Shorewall rules to ACCEPT UDP 67 and 68 between the Bering box and my LAN. The correct solution is to specify the 'dhcp' in /etc/shorewall/interfaces for the interface(s) being served by dhcpd. -Tom Ah, that might be the problem. I looked at my interfaces file and saw that my LAN interface did NOT have this enabled, however, the note at the beginning of the interfaces file says that the DHCP setting is used if the interface is managed by DHCP. The interfaces file that I release says: # dhcp - interface is managed by DHCP or used by -- #a DHCP server running on the firewall or - #you have a static IP but are on a LAN #segment with lots of Laptop DHCP clients. # What version of Shorewall do you have? I took the 'managed' term to imply that the interface gets an address via DHCP, not that it serves DHCPD. As well, I was always able to get an IP without this entry - I just got the errors described in the original poster's message when a lease renewal was required. I will try changing this setting tonight, although I'm betting the 'dhcp' entry just does what I did manually...(?) It adds those rules but much earlier in the rule gauntlett. -Tom -- Tom Eastep \ Shorewall - iptables made easy AIM: teastep \ http://shorewall.sf.net ICQ: #60745924 \ [EMAIL PROTECTED] --- This SF.NET email is sponsored by: Thawte.com - A 128-bit supercerts will allow you to extend the highest allowed 128 bit encryption to all your clients even if they use browsers that are limited to 40 bit encryption. Get a guide here:http://ads.sourceforge.net/cgi-bin/redirect.pl?thaw0030en leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
Re: [leaf-user] RE: Stopping DHCPD logging
--On Friday, January 17, 2003 01:31:45 PM -0800 Brock Nanson [EMAIL PROTECTED] wrote: The good news is I solved the problem! ;-) But I still don't know how I was able to get the lease in the first place! I don't know either -- sometime when I'm bored, I'll look into it since I've seen similar things before. -Tom -- Tom Eastep \ Shorewall - iptables made easy Shoreline,\ http://www.shorewall.net Washington USA \ [EMAIL PROTECTED] --- This SF.NET email is sponsored by: Thawte.com - A 128-bit supercerts will allow you to extend the highest allowed 128 bit encryption to all your clients even if they use browsers that are limited to 40 bit encryption. Get a guide here:http://ads.sourceforge.net/cgi-bin/redirect.pl?thaw0030en leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
Re: [leaf-user] RE: Stopping DHCPD logging
--On Thursday, January 16, 2003 4:52 PM -0800 Brock Nanson [EMAIL PROTECTED] wrote: Googling suggested that this was a firewall issue so I played about with that for a while - finally got it to stop by adjusting the Shorewall rules to ACCEPT UDP 67 and 68 between the Bering box and my LAN. The correct solution is to specify the 'dhcp' in /etc/shorewall/interfaces for the interface(s) being served by dhcpd. -Tom -- Tom Eastep \ Shorewall - iptables made easy AIM: teastep \ http://shorewall.sf.net ICQ: #60745924 \ [EMAIL PROTECTED] --- This SF.NET email is sponsored by: Thawte.com Understand how to protect your customers personal information by implementing SSL on your Apache Web Server. Click here to get our FREE Thawte Apache Guide: http://ads.sourceforge.net/cgi-bin/redirect.pl?thaw0029en leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
Re: [leaf-user] RE: Stopping DHCPD logging
--On Thursday, January 16, 2003 7:12 PM -0800 Tom Eastep [EMAIL PROTECTED] wrote: The correct solution is to specify the 'dhcp' in /etc/shorewall/interfaces for the interface(s) being served by dhcpd. I of course meant the 'dhcp' option -- -Tom -- Tom Eastep \ Shorewall - iptables made easy AIM: teastep \ http://shorewall.sf.net ICQ: #60745924 \ [EMAIL PROTECTED] --- This SF.NET email is sponsored by: Thawte.com Understand how to protect your customers personal information by implementing SSL on your Apache Web Server. Click here to get our FREE Thawte Apache Guide: http://ads.sourceforge.net/cgi-bin/redirect.pl?thaw0029en leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
