Re: iptables not logging or dhcp-client lying?

To: Olaf Meeuwissen <olaf@epkowa.co.jp>, debian-security@lists.debian.org
Subject: Re: iptables not logging or dhcp-client lying?
From: Gabor Kovacs <koga@webigen.com>
Date: Wed, 03 Apr 2002 19:06:17 +0200
Message-id: <[🔎] 3CAB3689.915414A6@webigen.com>
References: <[🔎] 87g02dnzmr.fsf@frodo.epkowa.co.jp>

Olaf Meeuwissen wrote:

> Basically, I'd like to keep the setup as closed as possible so I make
> a hole in /etc/dhclient-enter-hooks during the PREINIT stage to let
> the DHCPDISCOVER broadcast out (and a reply back in eventually, taking
> this one step at a time ;-).  At least, that's what I thought I should
> do, but I noticed that packets are not logged!

I think (but not sure) DHCP client is using (so called) raw sockets
which are below the layer where iptables is in the kernel. That's why
iptables is unable to see the packets.

(There is an option for Raw sockets in the kernel, and it can be used
only with root privileges.)

KoGa


-- 
To UNSUBSCRIBE, email to debian-security-request@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org

Reply to:

Follow-Ups:
- Re: iptables not logging or dhcp-client lying?
  - From: Olaf Meeuwissen <olaf@epkowa.co.jp>

References:
- iptables not logging or dhcp-client lying?
  - From: Olaf Meeuwissen <olaf@epkowa.co.jp>

Prev by Date: Re: on potato's proftpd
Next by Date: Re: A question about some network services
Previous by thread: Re: iptables not logging or dhcp-client lying?
Next by thread: Re: iptables not logging or dhcp-client lying?
Index(es):
- Date
- Thread