Complete.Org: Mailing Lists: Archives: linux-help: October 2002:
[linux-help] Re: Firewall question 		Home

[linux-help] Re: Firewall question

[Top] [All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index] [Thread Index]
To: linux-help@xxxxxxxxx
Subject: [linux-help] Re: Firewall question
From: Jeff Vian <jvian10@xxxxxxxxxxx>
Date: Wed, 16 Oct 2002 16:00:35 -0500
Reply-to: linux-help@xxxxxxxxx 
Also, it is using the DHCPDISCOVER protocol, so that can be identified 
and blocked as well by protocol on that interface, without even 
specifying a port.

I was not able to identify specifically which protocol it uses, but 
/etc/protocols lists a lot.

Jonathan Hall wrote:

>I've been fiddling with my Linux firewall, which I use on my DSL connection
>from Moundridge Telephone Company.
>
>I've gotit working fairly well... there is yet one thing I want to block,
>though, that I cannot figure out how to block..
>
>I continually get DHCPDISCOVER requests __FROM MY ISP__ (their network spews
>lots of other crap, too).  I would like to block these so that my DHCP
>server doesn't try to respond.  Since these packets are neither UDP nor TCP,
>my firewall rules have no effect on them.
>
>Here's a snippet from my dhcpd logs:
>
>Oct 15 21:58:11 wardrobe dhcpd-2.2.x: DHCPDISCOVER from 00:01:e7:27:e5:83
>via eth1
>Oct 15 21:58:11 wardrobe dhcpd-2.2.x: no free leases on subnet 65.66.93.0
>
>
>Is there any way, using one of iptable's fancy features, to block these
>packets?
>
>Thanks.
>
>
>
>-- This is the linux-help@xxxxxxxxx list.  To unsubscribe,
>visit http://www.complete.org/cgi-bin/listargate-aclug.cgi
>


-- This is the linux-help@xxxxxxxxx list.  To unsubscribe,
visit http://www.complete.org/cgi-bin/listargate-aclug.cgi
[Prev in Thread] Current Thread [Next in Thread]