My DHCP server also acts as my NAT router and as such is connected both to my internal network and the outside world. I only want the DHCP server to listen to requests on the internal connection (eth1). Unfortunately, it seems that no matter what I do, requests (i.e. DHCPDISCOVER from * via eth0) still come in on the external connection (eth0). While the requests aren't being honored, they are still coming in and being written to the syslog, causing a LOT of garbage in there. I've decided to try and just filter out any requests via iptables, but nothing that I've tried seems to work. Here are the configs that I've tried:
    iptables -A INPUT -p udp -m udp --dport 67:68 -j DROP
    iptables -A INPUT -p udp -m udp --dport 67:68 -i eth0 -j DROP
    iptables -A INPUT -p udp -m udp --sport 67:68 -j DROP
    iptables -A INPUT -p udp -m udp --sport 67:68 -i eth0 -j DROP

and various other combinations of the above (TCP instead of UDP, etc.). Unfortunately, no matter what I do, the requests still come in and clog my syslog. I've looked all over Google, and the first one of the above is what I keep finding. Unfortunately, it still doesn't work. Any suggestions? TIA.

-Alex