RE: [leaf-user] Receiving DHCP broadcasts

SourceForge Headquarters 225 Broadway Suite 1600 San Diego, CA 92101 +1 (858) 454-5900

Thanks Tom,

> a) Be sure that you have set the 'dhcp' option for your external
interface
> in /etc/shorewall/interfaces.
> b) Because your ISP is using RFC 1918 addresses within its
infrastructure,
> you need to review Shorewall FAQ #14a
> (http://www.shorewall.net/FAQ.htm#faq14a).

Yes, etc/shorewall/interfaces has dhcp on for the external interface.

I was getting these in my log when I performed a trace route

Feb 27 19:17:42 firewall kernel: Shorewall:rfc1918:DROP:IN=3Deth0 =
OUT=3Deth1
SRC=3D10.75.48.1 DST=3D192.168.1.1 LEN=3D56 TOS=3D0x00 PREC=3D0xC0 =
TTL=3D254 ID=3D3903
PROTO=3DICMP TYPE=3D11 CODE=3D0 [SRC=3D81.102.124.19 =
DST=3D212.58.224.114 LEN=3D92
TOS=3D0x00 PREC=3D0x00 TTL=3D1 ID=3D63517 PROTO=3DICMP TYPE=3D8 CODE=3D0 =
ID=3D512
SEQ=3D41728 ]=20

And these stopped when I added the UBRs IP to /etc/shorewall/rfc1918
I'll find out soon whether this makes any difference to DHCP renewal,
but apparently not blocking the UBR is very important.

A few questions about that log entry if I may?

According to the weblet, sorting the denied packets by IP address lists
all these packets as caused by '81.102.124.19', which is my external IP
on eth0. Can somebody explain why?

"SRC=3D10.75.48.1 DST=3D192.168.1.1"

DST is the local IP for my WinXP box, how come SRC is trying to send it
packets?

I don't know whether the UBR has a static IP, but I do know the ranges
it will always be in (10.xxx.xxx.1 or 172.xx.xxx.254). If it turns out
to be dynamic, is it possible to put those ranges instead of a static IP
in to /etc/shorewall/rfc1918?

Thanks,

Jim.

RE: [leaf-user] Receiving DHCP broadcasts

A secure, feature-rich, customizable embedded Linux network appliance

RE: [leaf-user] Receiving DHCP broadcasts