lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Date:	Mon, 12 Oct 2009 23:50:13 +0200
From:	lkml@...ubi.at
To:	arndbergmann@...glemail.com
Cc:	linux-kernel@...r.kernel.org
Subject: Re: DHCP and iptables

Well, I just looked for "ethernet protocol" and read some things about  
DHCP again.

What's an ethernet protocol?

I also read, that "DHCP is built directly on UDP and IP" (RFC 2131).

It uses Ports (UDP 67/68) and the source address of the DHCP server is  
an IP address.

Could you answer me more in detail, why I get an IP, but block  
everything with iptables?

Sincerely yours Mathias Kub

--------------------
12.10.2009 Mathias Kub <lkml@...ubi.at>

|   Thank you very much for that quick reply.
|
|   Yours Mathias Kub
|
|   --------------------
|   12.10.2009 Arnd Bergmann <arndbergmann@...glemail.com>
|
|   |   On Monday 12 October 2009, lkml@...ubi.at wrote:
|   |   > The last few days I have been wondering about the fact, that I get
|   |   > an IP address via
|   |   > DHCP if all chains at iptables are set to drop and no accept rules
|   |   > set.
|   |   >
|   |   > Does this happen on purpose?
|   |
|   |   DHCP is an ethernet protocol, not an IP protocol, so you have to use
|   |   ebtables instead of iptables to filter it.
|   |
|   |   	Arnd <><
|
|   --
|   To unsubscribe from this list: send the line "unsubscribe linux-kernel"
|    in the body of a message to majordomo@...r.kernel.org
|   More majordomo info at  http://vger.kernel.org/majordomo-info.html
|   Please read the FAQ at  http://www.tux.org/lkml/
|

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ