Blokovani DHCPD

[Pavel Kankovsky]

On Wed, 15 Mar 2000, Vladimir Smelhaus wrote:

> kernel: Packet log: input DENY eth1 PROTO=17 ...
> dhcpd: DHCPDISCOVER from 00:00:00:00:00:00 via eth1
> dhcpd: no free leases on subnet ...

Hypoteza: je to problem toho, kdo ma vetsi kladivo. Ipchains to sice
odfiltruji, ale dhcpd je trumfne, protoze misto aby jako kazdy slusny
program poslouchalo na UDP socketu, tak pouziva raw socket (nebo neco
podobneho), do ktereho to se to posle jeste pred tim, nez se k lizu
dostane firewalling.

Resenim by asi bylo nechat dhcpd poslouchat jen na tom spravnem
interfejsu.

--Pavel Kankovsky aka Peak  [ Boycott Microsoft--http://www.vcnet.com/bms ]
"Resistance is futile. Open your source code and prepare for assimilation."