From owner-freebsd-stable Tue Mar 28 8:51:10 2000 Delivered-To: freebsd-stable@freebsd.org Received: from pi.yip.org (yip.org [199.45.111.121]) by hub.freebsd.org (Postfix) with ESMTP id 64BF937C14A for ; Tue, 28 Mar 2000 08:50:49 -0800 (PST) (envelope-from melange@yip.org) Received: from localhost (melange@localhost) by pi.yip.org (8.9.3/8.9.3) with ESMTP id LAA43813 for ; Tue, 28 Mar 2000 11:50:13 -0500 (EST) (envelope-from melange@yip.org) Date: Tue, 28 Mar 2000 11:50:13 -0500 (EST) From: Bob K X-Sender: melange@localhost To: freebsd-stable@FreeBSD.ORG Subject: Re: 4.0-STABLE dhcp conflicts. In-Reply-To: <14560.56319.827242.610802@trooper.velocet.net> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-stable@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG On Tue, 28 Mar 2000, David Gilbert wrote: > >>>>> "Brian" == Brian Kraemer writes: > > Brian> in message <14559.40450.544687.51037@trooper.velocet.net>, > Brian> David Gilbert writes: > >> It appears that when I run two (not sure if one does it) tcpdumps > >> on the dhcp server, the dhcp clients don't get any responses to > >> their queries. Is there some flaw in the dhcpd bpf rules? > > Brian> Do you have enough bpf devices enabled? I imagine each tcpdump > Brian> will use one, and dhcpd also uses one if I am not mistaken. > > Well... one not-so-nice "feature" of the dhcpd or bpf interface (don't > know which) is that it requires one bpf per interface. I do believe this was done for security reasons. (ie, if a box with dhcpd is compromised but only has 1 bpf interface, it would require stopping of dhcpd or a recompiled kernel/reboot to run tcpdump, which hopefully would be noticed) Bob "And I had the same fish/pants/jolt/staples/cieling problem you did." - John Teffer To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-stable" in the body of the message