Date: 02 Jul 2003 22:19:16 -0400 From: Lowell Gilbert <freebsd-questions-local@be-well.no-ip.com> To: freebsd-questions@freebsd.org Subject: Re: dhclient Message-ID: <44smpo5p3v.fsf@be-well.ilk.org> In-Reply-To: <20030702220602.GF6061@kongemord.krig.net> References: <20030702220602.GF6061@kongemord.krig.net>
next in thread | previous in thread | raw e-mail | index | archive | help
"Bob Hall" <rjhalljr@starpower.net> writes:
> I'm getting the following message:
> dhclient: send_packet: Permission denied
> I thought this was being caused by my firewall, but I made
> some changes and I'm still getting the message. Being
> wholly ignorant about this message, I'm assuming that
> dhclient is trying to send a packet to my ISP's DHCP server,
> and something is blocking it. I'm further assuming that
> my firewall is doing the blocking, and my ignorance is
> preventing me from finding a solution. Can someone tell me
> if my assumptions are correct, or correct them?
You're doing fine.
> The firewall is ipfw with the SIMPLE option. The modifications
> to the firewall script for DHCP were
> # Accept bootps (dhcp):
> ${fwcmd} add allow udp from ${oip}/32 68 to 0.0.0.0/0 67 out
> ${fwcmd} add allow udp from 0.0.0.0/0 67 to ${oip}/32 68 in
That doesn't make any sense. How about:
${fwcmd} add allow udp from any to any bootps keep-state out via ${oif}
You don't have an IP address yet, so you can't put an IP address into
the rule, and the all-zeros address would be what *your* machine is
using. You don't know the address of the server, so you have to leave
that unspecified.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?44smpo5p3v.fsf>