[Firehol-support] Re: DHCP Log Messages - Please HELP!
daniel at rimspace.net
Wed Aug 24 04:43:05 BST 2005
cougar <c0ugar7i8 at comcast.net> writes:
>> cougar <c0ugar7i8 at comcast.net> writes:
>>> I've been using Firehol on Debian for 3-4 weeks and I'm deeply
>>> troubled by this issue.
>>> I'm using ULOG for my logging. My syslogemu.log is filled up with the
>>> following lines...
>>> Aug 23 16:13:33 mercury IN-world: IN=eth1 OUT=
>>> MAC=ff:ff:ff:ff:ff:ff:00:01:5c:22:31:c2:08:00 SRC=10.125.144.1
>>> LEN=355 TOS=00 PREC=0x00 TTL=64 ID=15592 PROTO=UDP SPT=67 DPT=68
>> So, firehol logs all the DHCP broadcast messages to your logs.
>>> These requests come every 3-7 seconds.
>> You might consider setting your DHCP server to have a longer timeout,
>> or if eth1 is connected to your ADSL modem, just adding a 'client
>> dhcp accept' statement and the '255.255.255.255/32' address as a
>> valid target address on that interface.
> How do I do this exactly? My eth1 is in fact set up to grab an IP
> automatically from my ISP, which is Comcast. My eth0 is set up to
> distribute IPs to my local machines on my network.
Note: you shouldn't need to specify the paths to the various tools in
your firehol.conf file under Debian. They just work out of the box...
Anyway, just add a 'client dhcp accept' and a 'server dhcp drop'
statement under 'interface eth1 ...' in the configuration file.
That should do what you want, in general.
> If I use 'client dhcp drop', will that prevent my Linux box from
> grabbing an IP?
Nope - the dhcp client uses "raw sockets" to access the network, so it
bypasses the firewall entirely, for better or worse.
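
Added example (not part of the original message, and not FireHOL code): a Python script that parses log lines in the format quoted above and counts how many are DHCP server-to-client broadcasts, so you can confirm what the noise is before changing the firewall rules. The sample lines are constructed, modeled on the quoted entry, and the function names are this example's own.

```python
import re
from collections import Counter

# Constructed sample lines in the netfilter LOG/ULOG syslog format quoted above.
# The second line has no DST= field, as in the quoted entry.
SAMPLE_LOG = """\
Aug 23 16:13:33 mercury IN-world: IN=eth1 OUT= MAC=ff:ff:ff:ff:ff:ff:00:01:5c:22:31:c2:08:00 SRC=10.125.144.1 DST=255.255.255.255 LEN=355 TOS=00 PREC=0x00 TTL=64 ID=15592 PROTO=UDP SPT=67 DPT=68
Aug 23 16:13:38 mercury IN-world: IN=eth1 OUT= MAC=ff:ff:ff:ff:ff:ff:00:01:5c:22:31:c2:08:00 SRC=10.125.144.1 LEN=341 TOS=00 PREC=0x00 TTL=64 ID=15601 PROTO=UDP SPT=67 DPT=68
Aug 23 16:13:40 mercury IN-world: IN=eth1 OUT= MAC=00:0c:29:aa:bb:cc:00:01:5c:22:31:c2:08:00 SRC=192.0.2.7 DST=198.51.100.9 LEN=60 TOS=00 PREC=0x00 TTL=51 ID=4411 PROTO=TCP SPT=40112 DPT=22
"""

FIELD = re.compile(r"(\w+)=(\S*)")

def parse(line):
    """Return the KEY=value fields of one log line as a dict (OUT= maps to '')."""
    return dict(FIELD.findall(line))

def split_mac(field):
    """Split MAC= into destination MAC (6 bytes), source MAC (6), EtherType (2)."""
    parts = field.split(":")
    return ":".join(parts[:6]), ":".join(parts[6:12]), "".join(parts[12:14])

def is_dhcp_reply_broadcast(f):
    """True for an IPv4 DHCP server-to-client packet sent to the Ethernet broadcast."""
    if "MAC" not in f:
        return False
    dst_mac, _, ethertype = split_mac(f["MAC"])
    return (dst_mac == "ff:ff:ff:ff:ff:ff" and ethertype == "0800"
            and f.get("PROTO") == "UDP"
            and f.get("SPT") == "67" and f.get("DPT") == "68")

def summarize(text):
    """Count DHCP broadcasts per (interface, server IP, server MAC), plus other lines."""
    noise, other = Counter(), 0
    for line in text.splitlines():
        f = parse(line)
        if not f:
            continue
        if is_dhcp_reply_broadcast(f):
            noise[(f.get("IN"), f.get("SRC"), split_mac(f["MAC"])[1])] += 1
        else:
            other += 1
    return noise, other

if __name__ == "__main__":
    print(summarize(SAMPLE_LOG))
```

Anything left in the "other" count is traffic the DHCP rules would not account for and is worth reading before it gets silenced too.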