Hello, I have a DHCP server running on the firewall. But DHCP requests are dropped by rpfilter, when this option is enabled for loc interface:
/etc/shorewall/interfaces net enp5s0 rpfilter,dhcp,nosmurfs,logmartians,sourceroute=0 loc enp6s0 rpfilter,dhcp,nosmurfs,logmartians Log: Jul 02 23:21:03 Sardegna kernel: Shorewall:rplog:DROP:IN=enp6s0 OUT= MAC=ff:ff:ff:ff:ff:ff:78:97:68:45:0d:7f:08:00 SRC=0.0.0.0 DST=255.255.255.255 LEN=375 TOS=0x00 PREC=0x00 TTL=64 ID=51364 PROTO=UDP SPT=68 DPT=67 LEN=355 Jul 02 23:21:07 Sardegna kernel: Shorewall:rplog:DROP:IN=enp6s0 OUT= MAC=ff:ff:ff:ff:ff:ff:78:97:68:45:0d:7f:08:00 SRC=0.0.0.0 DST=255.255.255.255 LEN=375 TOS=0x00 PREC=0x00 TTL=64 ID=58639 PROTO=UDP SPT=68 DPT=67 LEN=355 Jul 02 23:21:15 Sardegna kernel: Shorewall:rplog:DROP:IN=enp6s0 OUT= MAC=ff:ff:ff:ff:ff:ff:78:97:68:45:0d:7f:08:00 SRC=0.0.0.0 DST=255.255.255.255 LEN=375 TOS=0x00 PREC=0x00 TTL=64 ID=59979 PROTO=UDP SPT=68 DPT=67 LEN=355 DHCP works as expected without rpfilter option for the loc interface. Is it possible to use rpfilter on interfaces, on which DHCP server is listening? `shorewall dump` is attached. Regards.
dump.txt.gz
Description: GNU Zip compressed data
------------------------------------------------------------------------------ Don't Limit Your Business. Reach for the Cloud. GigeNET's Cloud Solutions provide you with the tools and support that you need to offload your IT needs and focus on growing your business. Configured For All Businesses. Start Your Cloud Today. https://www.gigenetcloud.com/
_______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
