Date: Tue, 23 Feb 1999 22:15:25 -0600 From: Guy Helmer <ghelmer@scl.ameslab.gov> To: Brian Gallucci <brian@briang.org> Cc: FreeBSD <freebsd-questions@freebsd.org> Subject: Re: IPFW Help Message-ID: <Pine.SGI.4.05.9902232212450.16182-100000@demios.scl.ameslab.gov> In-Reply-To: <000b01be5f89$ece76ae0$2a00a8c0@brian-desktop.briang.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On Tue, 23 Feb 1999, Brian Gallucci wrote: > I have a static IP from my ISP and here's the setup I have > > fxp0 = 24.1.88.xxx /24 > fxp1 = 192.168.0.1 /24 > I have a NT box <192.168.0.20> running a DHCP server. > > When I boot up any of the workstations on my local net I get this message in > my log. > > ipfw: 5600 Deny UDP 0.0.0.0:68 255.255.255.255:67 in via fxp0 > ipfw: 5600 Deny UDP 192.168.0.20:67 255.255.255.255:68 in via fxp0 > ipfw: 5600 Deny UDP 24.1.88.1:67 255.255.255.255:68 in via fxp0 > ipfw: 5300 Deny UDP 0.0.0.0:68 255.255.255.255:67 in via fxp0 > ipfw: 5300 Deny UDP 192.168.0.20:67 255.255.255.255:68 in via fxp0 These packets are *entering* through fxp0, not exiting. Do you have fxp0 and fxp1 on the same Ethernet? > I have told it not to pass any DHCP reguest through the fxp0 interface (ie.) > ipfw -a l > ... > ^^00300 0 0 deny udp from any 67 to any out xmit fxp0^^ > ^^00400 0 0 deny udp from any 68 to any out xmit fxp0^^ These rules only apply to packets going out the fxp0 interface. Guy Helmer Guy Helmer, Ph.D. Candidate, Iowa State University Dept. of Computer Science Research Assistant, Ames Laboratory --- ghelmer@scl.ameslab.gov Research Assistant, Dept. of Computer Science --- ghelmer@cs.iastate.edu http://www.cs.iastate.edu/~ghelmer To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.SGI.4.05.9902232212450.16182-100000>