On November 19, 2002 10:53 am, Donald R. Spoon wrote:
> Jim Bowering wrote:
> > I'm using Libranet Debian 2.0. This machine always gets a DHCP lease
> > from my ISP when it boots, but they seem to have a short default lease
> > period. After about 2 hours I lose my lease.
>
> This is just a guess, but perhaps your DHCP "client" is obtaining an
> initial lease before the firewall is started, and your firewall has ports
> 67 and 68 blocked. These ports need to be open so your DHCP client can
> communicate with your ISP's DHCP server to renew leases. My firewall
> has these ports open and renews the lease on my cable modem about every
> two hours just fine.

/etc/rc2.d does have dhcp before firestarter, but my Firestarter-generated
firewall.sh contains this:

#DHCP
$IPT -t filter -A INPUT -p tcp -s 0/0 -d 0/0 --dport 67:68 -i $IF -j ACCEPT
$IPT -t filter -A INPUT -p udp -s 0/0 -d 0/0 --dport 67:68 -i $IF -j ACCEPT

which opens the ports on eth0 ($IF), and when I manually run
/etc/init.d/networking restart it re-establishes my connection.

> BTW, thanks for mentioning FIRESTARTER! I have been looking for
> something like this to replace my current firewall, and have generally
> been intimidated by writing my own iptables ruleset. This looks like
> just the thing to get me started.

I'm finding it very useful.
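
An added example, not part of the thread or of Firestarter: a small audit of INPUT rules like the two quoted above. It checks whether DHCP replies (UDP to client port 68) are accepted and notes rules broader than a DHCP client needs. The function name and the sample input are constructed for illustration, and the check is a heuristic that only looks at -p and --dport.

```shell
#!/bin/sh
# Constructed sample input, modelled on the two rules quoted in the thread.
SAMPLE_RULES='$IPT -t filter -A INPUT -p tcp -s 0/0 -d 0/0 --dport 67:68 -i $IF -j ACCEPT
$IPT -t filter -A INPUT -p udp -s 0/0 -d 0/0 --dport 67:68 -i $IF -j ACCEPT'

# audit_dhcp_rules (hypothetical helper): reads iptables rule lines on stdin
# and prints one finding per line. DHCP is UDP only: clients send to server
# port 67 and receive replies on client port 68.
audit_dhcp_rules() {
    awk '
    /-A INPUT/ && /-j ACCEPT/ {
        proto = ""; lo = 0; hi = 0
        for (i = 1; i < NF; i++) {
            if ($i == "-p") proto = $(i + 1)
            if ($i == "--dport") {
                n = split($(i + 1), r, ":")      # "67:68" -> range, "68" -> single port
                lo = r[1] + 0
                hi = (n > 1) ? r[2] + 0 : lo
            }
        }
        if (lo == 0) next                        # no --dport: not a port rule
        covers67 = (lo <= 67 && hi >= 67)
        covers68 = (lo <= 68 && hi >= 68)
        if (proto == "udp" && covers68) udp68 = 1
        if (proto == "udp" && covers67)
            print "NOTE udp/67 inbound is only needed by a DHCP server or relay"
        if (proto == "tcp" && (covers67 || covers68))
            print "NOTE tcp/" lo "-" hi " accepted, but DHCP does not use TCP"
    }
    END {
        if (udp68)
            print "OK udp/68 inbound accepted (DHCP replies reach the client)"
        else
            print "FAIL no rule accepts udp/68 inbound; renewal replies may be dropped"
    }'
}

# Run the audit on the sample rules.
printf '%s\n' "$SAMPLE_RULES" | audit_dhcp_rules
```

On the sample, the audit reports that udp/68 is accepted, so these two rules by themselves do not block renewal replies; the tcp rule and the udp/67 half of the range are wider than a DHCP client requires.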