Date: Wed, 5 Jun 2002 11:36:00 -0400 From: "Joe & Fhe Barbish" <barbish@a1poweruser.com> To: "Samuel Chow" <samuelc@samuelstn.dhs.org> Cc: "FBSDQ" <questions@FreeBSD.ORG> Subject: RE: dhcp client and cable modem Message-ID: <MIEPLLIBMLEEABPDBIEGMEAFCCAA.barbish@a1poweruser.com> In-Reply-To: <007301c20ca2$ae7da3e0$2784412f@ca.nortel.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Samuel wrote
Are you saying your dhclient cannot get an IP address because
of ipfw?
I reply
No
I am just trying to determine what some the default deny all packets belong
to.
Since I just started using dhclient, it was something to check out.
I have these rules
# Special rules for Adelphia Cable access
$cmd 00174 allow udp from me 68 to $odns1 67 out via rl0
$cmd 00175 allow udp from $odns1 67 to me 68 in via rl0
$cmd 00176 allow udp from any 67,68 to 255.255.255.255 67,68 in via rl0
I do not understand why dhcp is talking to my ISP's DNS server or
why it's using 255.255.255.255 for an ip address.
Is this normal?
Your example of
# Allow DHCP packets in and out
3200 add pass udp from any 68 to any 67 out via xl0
3200 add pass udp from any 67 to any 68 in via xl0
is just way to wide open for my liking.
Let me know what you think
Joe
-----Original Message-----
From: owner-freebsd-questions@FreeBSD.ORG
[mailto:owner-freebsd-questions@FreeBSD.ORG]On Behalf Of Samuel Chow
Sent: Wednesday, June 05, 2002 11:07 AM
To: barbish@a1poweruser.com
Cc: FBSDQ
Subject: Re: dhcp client and cable modem
> I'm using the FBSD built in dhcp client on the Nic card to the cable
modem.
> My ipfw firewall is denying a bunch of packets which never happened
> with the modem connection.
>
> Could somebody tell me what ipfw rules I need to allow the cable isp
> dhcp server to correspond with my FBSD gateway?
Are you saying your dhclient cannot get an IP address because
of ipfw? If so, try the following rules (of course, replace
rule number and interface):
# Allow DHCP packets in and out
3200 add pass udp from any 68 to any 67 out via xl0
3200 add pass udp from any 67 to any 68 in via xl0
Hope this helps.
---
Samuel Chow
samuelc@samuelstn.dhs.org
This message is displayed using recycled electrons.
Segmentation Fault (core dumped)
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?MIEPLLIBMLEEABPDBIEGMEAFCCAA.barbish>