Skip site navigation (1)Skip section navigation (2)
Date:      Wed, 28 Oct 2009 16:05:40 +0000
From:      Jonathan Belson <jon@witchspace.com>
To:        freebsd-net@freebsd.org
Subject:   PF and DHCP
Message-ID:  <75F8B8C2-2BFE-434A-9E16-C34CAAF6C6E9@witchspace.com>

next in thread | raw e-mail | index | archive | help
Hiya

I have a server which acts as a gateway between the internet and my  
internal network.  The external interface receives its IP address via  
DHCP.  I set up pf.conf to allow DHCP packets via ports 67/68, but I  
notice that when the server boots, the DHCP exchange happens /before/  
PF gets started.

Does this mean that adding rules for DHCP isn't necessary (my firewall  
rules are block in/pass out, with a bit of NAT thrown in)?

Does this mean that when my machine boots, there's a window between  
the interfaces coming up and the firewall being enabled?

Thanks,

--Jon




Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?75F8B8C2-2BFE-434A-9E16-C34CAAF6C6E9>