Thread: DHCP-Daemon bypasses Linux iptables




DHCP-Daemon bypasses Linux iptables
2006-04-20 11:42:14
Hello all,
I was seriously puzzled why iptables could not stop dhcp
requests from reaching ISC dhcpd. Now I found the reason:
instead of listening on a UDP socket, dhcpd installs an LPF
similar to tcpdump or ethereal. This bypasses the protection
from the firewall. What can I do to regain that protection?
 
--  Regards 
       Joerg 





DHCP-Daemon bypasses Linux iptables
2006-04-24 12:59:29
Hi Joerg,

You could try to bind your dhcpd on a pseudo bridge
interface and filter with ebtables. The syntax is quite
the same as the usage of iptables...

Kind regards,
    Martin


On Thu, 20 Apr 2006, Joerg Pommnitz wrote:

> Hello all,
> I was seriously puzzled why iptables could not stop
> dhcp requests from reaching ISC dhcpd. Now I found the
> reason: instead of listening on a UDP socket dhcpd installs
> a LPF similar to tcpdump or ethereal. This bypasses the
> protection from the firewall. What can I do to regain that
> protection?
>
> --  Regards
>       Joerg
>
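
The bridge-plus-ebtables setup suggested in the reply above, sketched as an added example that is not part of either post. The bridge name `br-dhcp`, the port `eth1` and the MAC address are constructed placeholders; it assumes dhcpd is then started on the bridge interface, so its packet socket only sees frames that ebtables has accepted.

```shell
#!/bin/sh
# Added example (not from the thread). Prints the commands that place the
# DHCP-facing NIC behind a one-port bridge and filter DHCP at layer 2.
# Frames received on the port traverse the ebtables INPUT chain before they
# are handed to the bridge device, so a raw packet socket bound to the
# bridge no longer sees dropped requests.
#
# Usage: dhcp_l2_filter BRIDGE PORT [ALLOWED_CLIENT_MAC...]
dhcp_l2_filter() {
    if [ "$#" -lt 2 ]; then
        echo "usage: dhcp_l2_filter BRIDGE PORT [MAC...]" >&2
        return 2
    fi
    br=$1
    port=$2
    shift 2

    # One-port "pseudo bridge": the physical NIC becomes a bridge port.
    # The host's IP address has to be configured on $br, not on $port.
    echo "ip link add name $br type bridge"
    echo "ip link set dev $port master $br"
    echo "ip link set dev $br up"

    # Accept client-to-server DHCP (UDP destination port 67) only from
    # the listed source MAC addresses.
    for mac in "$@"; do
        echo "ebtables -A INPUT -i $port -s $mac -p IPv4 --ip-proto udp --ip-dport 67 -j ACCEPT"
    done

    # Drop every other frame addressed to the DHCP server port.
    echo "ebtables -A INPUT -i $port -p IPv4 --ip-proto udp --ip-dport 67 -j DROP"
}

# Dry run by default: only print the commands. With APPLY=1 (run as root)
# they are executed, stopping at the first failure.
run_dhcp_l2_filter() {
    if [ "${APPLY:-0}" = 1 ]; then
        dhcp_l2_filter "$@" | sh -e
    else
        dhcp_l2_filter "$@"
    fi
}
```

With no MAC addresses given, only the final DROP rule is emitted and all DHCP requests arriving on the port are blocked.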
