Re: iptables vs DHCP

To: debian-security@lists.debian.org
Subject: Re: iptables vs DHCP
From: "Justin R. Miller" <incanus@codesorcery.net>
Date: Tue, 5 Mar 2002 09:41:44 -0500
Message-id: <[🔎] 20020305144144.GA6644@mithrandir.codesorcery.net>
Mail-followup-to: debian-security@lists.debian.org
In-reply-to: <[🔎] E16iCZg-0004fC-00@burken>
References: <[🔎] 02030409572804.00657@debian> <[🔎] E16iCZg-0004fC-00@burken>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Said Harald Skoglund on Tue, Mar 05, 2002 at 11:53:39AM +0100:

> > Does anybody use iptables in a DHCP network? I want to know how
> > would be some rule in this case...
> 
> iptables -A  INPUT -p UDP -s <dhcp-server> --sport 67 --dport 68 -j
> ACCEPT

Here's what firestarter seems to add for DHCP:

ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0          tcp dpts:67:68 
ACCEPT     udp  --  0.0.0.0/0            0.0.0.0/0          udp dpts:67:68 

I suppose it could be a bit more restrictive than that...

- -- 
[!] Justin R. Miller <incanus@codesorcery.net>
    PGP 0xC9C40C31 -=- http://codesorcery.net

    http://www.cnn.com/2002/ALLPOLITICS/01/29/inv.terror.probe/

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: For info see http://www.gnupg.org

iD8DBQE8hNko94d6K8nEDDERAtcsAJ4s2naFDOIRFCFr2rMvkNPTN0rcGACfSKCZ
gEKNCTtUPr7iORbMm/acZ1g=
=qN0g
-----END PGP SIGNATURE-----

Reply to:

References:
- iptables vs DHCP
  - From: Osvaldo Mundim Junior <osvaldo@arcom.com.br>
- Re: iptables vs DHCP
  - From: Harald Skoglund <haraldms@hekta.stud.iet.hist.no>

Prev by Date: Postfix and Mailman
Next by Date: unsubscribe
Previous by thread: Re: iptables vs DHCP
Next by thread: Fw: CERT Advisory CA-2002-06 Radius Vulnerabilities
Index(es):
- Date
- Thread