Package: dnsmasq Version: 2.27-1 I had some problems in getting firestarter and dnsmasq work together. Here is a good description how to manage this. This tip IMHO should be integrated in the dnsmasq FAQ.
http://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2005q3/000431.html Here is the content of the posting in case the link would be outdated: --------------------------------------------------------------------------- Hi folks. This email is primarily to document my learning, to hopefully save someone else some time and frustration getting Firestarter and dnsmasq working together. As seems to be a common problem, my firewall was preventing dnsmasq from working as a LAN DHCP server. By default Firestarter (naturally) denies all inbound connections, so I attempted to whitelist DHCP packets by adding 'inbound policy rules'. This turned out to be futile, as Firestarter doesn't consider broadcast DHCP packets as 'inbound' since it doesn't recognise the destination IP (255.255.255.255) as belonging to the host. Thus they were classed as 'Unknown' and discarded, regardless of policy rules. My troubleshooting was complicated by an advanced option I had enabled, titled "Block broadcasts from external network", which actually dropped broadcasts on *all* interfaces. I believe this is a bug and will be following it up. Firestarter has an explicit option to "Enable DHCP for the local network" however this turned out to just (re)start ISC dhcpd if you had it installed. No firewall rules related to the protocol are added by this option, so it seems a bit of a red herring. My eventual solution was to add the following line to /etc/firestarter/user-pre to explicitly allow the DHCP broadcasts early in the INPUT table: $IPT -A INPUT -i $INIF -p udp -s 0.0.0.0 --sport 68 -d 255.255.255.255 --dport 67 -j ACCEPT I hope this tale didn't bore you all too much, and will be useful to someone :) Cheers, Andrew Greig --------------------------------------------------------------------------- -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
