Date: Wed, 5 Jun 2002 19:31:19 -0400 From: "C J Michaels" <cjm2@earthling.net> To: <barbish@a1poweruser.com>, "Samuel Chow" <samuelc@samuelstn.dhs.org> Cc: "FBSDQ" <questions@freebsd.org> Subject: RE: dhcp client and cable modem Message-ID: <CDEJIONOMGKHCNHBALKPCENDCAAA.cjm2@earthling.net> In-Reply-To: <MIEPLLIBMLEEABPDBIEGMEAFCCAA.barbish@a1poweruser.com>
next in thread | previous in thread | raw e-mail | index | archive | help
> -----Original Message----- > From: owner-freebsd-questions@FreeBSD.ORG > [mailto:owner-freebsd-questions@FreeBSD.ORG]On Behalf Of Joe & Fhe Barbish > Sent: Wednesday, June 05, 2002 11:36 AM > > Samuel wrote > Are you saying your dhclient cannot get an IP address because > of ipfw? > > I reply > No > I am just trying to determine what some the default deny all > packets belong > to. > Since I just started using dhclient, it was something to check out. > > I have these rules > # Special rules for Adelphia Cable access > $cmd 00174 allow udp from me 68 to $odns1 67 out via rl0 > $cmd 00175 allow udp from $odns1 67 to me 68 in via rl0 > $cmd 00176 allow udp from any 67,68 to 255.255.255.255 67,68 in via rl0 > > I do not understand why dhcp is talking to my ISP's DNS server or DNS server? Oh.. it is probably trying to dynamically update the zone w/ your new ip. It's a newer feature of isc v3. > why it's using 255.255.255.255 for an ip address. Default 'broadcast to the whole world' address. No matter what your IP, subnet, network id. You will always listen to a req that comes in on 255.255.255.255. This is necessary for dhcp to work since many times at the inital req you don't actually have an ip/network id/etc... --Chris > > Is this normal? Yes > > Your example of > # Allow DHCP packets in and out > 3200 add pass udp from any 68 to any 67 out via xl0 > 3200 add pass udp from any 67 to any 68 in via xl0 > > is just way to wide open for my liking. > > > Let me know what you think > Joe > > > > -----Original Message----- > From: owner-freebsd-questions@FreeBSD.ORG > [mailto:owner-freebsd-questions@FreeBSD.ORG]On Behalf Of Samuel Chow > Sent: Wednesday, June 05, 2002 11:07 AM > To: barbish@a1poweruser.com > Cc: FBSDQ > Subject: Re: dhcp client and cable modem > > > > I'm using the FBSD built in dhcp client on the Nic card to the cable > modem. > > My ipfw firewall is denying a bunch of packets which never happened > > with the modem connection. > > > > Could somebody tell me what ipfw rules I need to allow the cable isp > > dhcp server to correspond with my FBSD gateway? > > Are you saying your dhclient cannot get an IP address because > of ipfw? If so, try the following rules (of course, replace > rule number and interface): > > # Allow DHCP packets in and out > 3200 add pass udp from any 68 to any 67 out via xl0 > 3200 add pass udp from any 67 to any 68 in via xl0 > > Hope this helps. > > --- > Samuel Chow > samuelc@samuelstn.dhs.org > > This message is displayed using recycled electrons. > Segmentation Fault (core dumped) To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?CDEJIONOMGKHCNHBALKPCENDCAAA.cjm2>