From owner-freebsd-questions@FreeBSD.ORG Mon Aug 18 12:08:24 2003 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id AE4E637B401 for ; Mon, 18 Aug 2003 12:08:14 -0700 (PDT) Received: from warspite.cnchost.com (warspite.concentric.net [207.155.248.9]) by mx1.FreeBSD.org (Postfix) with ESMTP id 045C543F93 for ; Mon, 18 Aug 2003 12:08:14 -0700 (PDT) (envelope-from mwoodson@sricrm.com) Received: from squelcher.redlands.sricrm.com (bdsl.66.14.215.39.gte.net [66.14.215.39]) by warspite.cnchost.com id PAA00672; Mon, 18 Aug 2003 15:08:10 -0400 (EDT) [ConcentricHost SMTP Relay 1.15] Errors-To: From: Mark Woodson Organization: Statistical Research, Inc. To: "geek" Date: Mon, 18 Aug 2003 12:11:09 -0700 User-Agent: KMail/1.5.3 References: <2305CFC39C15AA4896E06E5C91C509EF03743863@VS2.hdi.tvcabo> In-Reply-To: <2305CFC39C15AA4896E06E5C91C509EF03743863@VS2.hdi.tvcabo> MIME-Version: 1.0 Content-Type: Text/Plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable Content-Description: clearsigned data Content-Disposition: inline Message-Id: <200308181211.17147.mwoodson@sricrm.com> cc: freebsd-questions@freebsd.org Subject: Re: [JunkMail] RE: RE: [JunkMail] IPF & DHCP request X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 18 Aug 2003 19:08:27 -0000 =2D----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Sunday 17 August 2003 05:05 pm, geek wrote: > i read it already, but i have a problem with it > > #---------------------------------------------------------------- > # Allow bootp traffic in from your ISP's DHCP server only. > #---------------------------------------------------------------- > pass in quick on ed0 proto udp from X.X.X.X/32 to any port =3D 68 keep st= ate > > My IP changes every time i reboot the machine, how i can make this works = ?! The from (ed0 is the external interface in the example) is the address of y= our=20 ISP's DHCP server. replace X.X.X.X with any unless you want to try and=20 figure out the DHCP server's IP address. So the line above should read pass in quick on ed0 proto udp from any to any port =3D 68 keep state This is less secure than is ideal since it would allow a theoretical attack= on=20 your dhclient, but should work. =2D -Mark =2D----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.2 (FreeBSD) iD8DBQE/QSTSF/yyV91po54RApamAKCVZthCWcjwvbD0EiJriOgPMu2elgCgp4uh wPApM5PWXWdH8bZEHZV4GhE=3D =3D5QOO =2D----END PGP SIGNATURE-----