DHCP

[Justin Michael]

On Mon, Jan 21, 2002 at 11:24:55AM -0500, Charles Stack wrote:
> Spent most of yesterday trying to write a new firewall script based on Oskar
> Andreasson's rc.firewall script.
> 
> Managed to lock it down so that it rejects ACK, FIN, SYN, NULL and XMAS
> scans using the rules below.  But, my DHCP clients (Win2K) on my LAN are
> unable to establish an IP via DHCP.
> 
> Can somebody shed some light as to why this is happening?   Policies default
> to DROP.

Assuming your dhcp server is the firewall ...

iptables -I INPUT -p udp --dport 67:68 -s $LAN_IP_RANGE -j ACCEPT

--j