No internet connection
Nick Drage
nickd at metastasis.org.uk
Thu Sep 9 18:00:53 CEST 2004
On Thu, Sep 09, 2004 at 11:02:18AM -0400, Jason Opperisano wrote:
> On Thu, 2004-09-09 at 10:40, Giancarlo Boaron wrote:
> > Ok. I made my iptables script and I forgot to handle
> > the DHCP protocol. So, my firewall box gets its IP
> > address via DHCP. That's a nice thing to test.
>
> for the sake of the list archives:
>
> # DHCP server -> client
> iptables -A INPUT -p udp --sport 67 --dport 68 -j ACCEPT
>
> # DHCP client -> server
> iptables -A OUTPUT -p udp --sport 68 --dport 67 -j ACCEPT
Not wishing to be paranoid, buuuuuuuuutttttttt..... couldn't you
usefully restrict those by source and destination IP?
--
mors omnia vincit
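
Added example, not part of the original thread: one way to narrow the two quoted DHCP rules by interface and by source/destination address. It only prints the rules; nothing is applied. The function names, eth0 and 192.0.2.1 are constructed for illustration, and it assumes a single DHCP server on the local segment with no relay agent.

```shell
#!/bin/sh
# Added example: print DHCP-client iptables rules restricted by interface and
# server address. Nothing is applied to the running firewall.

# Return 0 if $1 is a dotted-quad IPv4 address with every octet in 0..255.
is_ipv4() {
    echo "$1" | grep -Eq '^([0-9]{1,3}\.){3}[0-9]{1,3}$' || return 1
    for octet in $(echo "$1" | tr '.' ' '); do
        [ "$octet" -le 255 ] || return 1
    done
    return 0
}

# dhcp_client_rules IFACE SERVER_IPV4
# IFACE is the interface that gets its address via DHCP; SERVER_IPV4 is the
# DHCP server expected to answer (both are assumptions supplied by the caller).
dhcp_client_rules() {
    iface=$1
    server=$2
    if [ -z "$iface" ] || ! is_ipv4 "$server"; then
        echo "usage: dhcp_client_rules IFACE SERVER_IPV4" >&2
        return 1
    fi
    cat <<EOF
# DISCOVER/REQUEST/rebind go to the broadcast address; the source is 0.0.0.0
# until a lease is bound, so only the destination is pinned here.
iptables -A OUTPUT -o $iface -p udp -d 255.255.255.255 --sport 68 --dport 67 -j ACCEPT
# Renewals are unicast to the server that granted the lease.
iptables -A OUTPUT -o $iface -p udp -d $server --sport 68 --dport 67 -j ACCEPT
# OFFER/ACK/NAK are accepted only from the known server, unicast or broadcast.
iptables -A INPUT -i $iface -p udp -s $server --sport 67 --dport 68 -j ACCEPT
EOF
}

# Constructed sample values (192.0.2.0/24 is a documentation range).
dhcp_client_rules eth0 192.0.2.1
```

The broadcast rule cannot be pinned to a source address because the client has none before it holds a lease, which is why the restriction on that rule is the interface and the destination.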