From: richard hauswald <staenker@rhcs.de>
To: netfilter@lists.netfilter.org
Subject: dhcp server is working but there are no rules allowing it using a drop policy
Date: Tue, 08 Mar 2005 12:40:46 +0100 [thread overview]
Message-ID: <422D8F3E.9000806@rhcs.de> (raw)
Hi all,
my problem is a verry strange one, so i think i did a configuration
failure. But i can't find him.
i made a listung of my iptables rules using the -L parameter and finaly
a tcpdump wich should show you, that dhcp is working - well i couldnt
post hte windowsxp bubble wich says that i got a wunderfull wlan
connection...
-------------------------------------
Antifreeze:~# date;iptables -L;date;iptables -t nat -L;date;iptables -t mangle -L;date;tcpdump -i eth0 udp
Mon Mar 7 14:50:57 CET 2005
Chain INPUT (policy DROP)
target prot opt source destination
ACCEPT tcp -- anywhere anywhere tcp dpt:64385 state NEW,ESTABLISHED
Chain FORWARD (policy ACCEPT)
target prot opt source destination
Chain OUTPUT (policy DROP)
target prot opt source destination
ACCEPT tcp -- anywhere anywhere tcp spt:64385 state ESTABLISHED
Mon Mar 7 14:50:57 CET 2005
Chain PREROUTING (policy ACCEPT)
target prot opt source destination
Chain POSTROUTING (policy ACCEPT)
target prot opt source destination
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
Mon Mar 7 14:50:57 CET 2005
Chain PREROUTING (policy ACCEPT)
target prot opt source destination
Chain INPUT (policy ACCEPT)
target prot opt source destination
Chain FORWARD (policy ACCEPT)
target prot opt source destination
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
Chain POSTROUTING (policy ACCEPT)
target prot opt source destination
Mon Mar 7 14:50:57 CET 2005
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on eth0, link-type EN10MB (Ethernet), capture size 96 bytes
14:51:10.965603 IP 0.0.0.0.bootpc > 255.255.255.255.bootps: BOOTP/DHCP, Request from 00:0f:cb:ad:75:a8, length: 300
14:51:10.966600 IP Antifreeze.lan.bootps > 192.168.0.19.bootpc: BOOTP/DHCP, Reply, length: 300
14:51:10.975221 IP 0.0.0.0.bootpc > 255.255.255.255.bootps: BOOTP/DHCP, Request from 00:0f:cb:ad:75:a8, length: 322
14:51:10.978049 IP Antifreeze.lan.bootps > 192.168.0.19.bootpc: BOOTP/DHCP, Reply, length: 300
4 packets captured
4 packets received by filter
0 packets dropped by kernel
------------------------------------------------
Ok, i would be verry happy if anyone could help me blocking the dhcp server that i can trust iptables again.
regards
richard hauswald
next reply other threads:[~2005-03-08 11:40 UTC|newest]
Thread overview: 2+ messages / expand[flat|nested] mbox.gz Atom feed top
2005-03-08 11:40 richard hauswald [this message]
2005-03-08 15:01 ` dhcp server is working but there are no rules allowing it using a drop policy Jason Opperisano
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=422D8F3E.9000806@rhcs.de \
--to=staenker@rhcs.de \
--cc=netfilter@lists.netfilter.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox