Mon, 21 Jan 2002 12:51:56 -0500
On Mon, Jan 21, 2002 at 11:24:55AM -0500, Charles Stack wrote:
> Spent most of yesterday trying to write a new firewall script based on Oskar
> Andreasson's rc.firewall script.
> Managed to lock it down so that it rejects ACK, FIN, SYN, NULL and XMAS
> scans using the rules below. But, my DHCP clients (Win2K) on my LAN are
> unable to establish an IP via DHCP.
> Can somebody shed some light as to why this is happening? Policies default
> to DROP.
Assuming your dhcp server is the firewall ...
iptables -I INPUT -p udp --dport 67:68 -s $LAN_IP_RANGE -j ACCEPT