> yes, meanwhile I also found the shorewall howto. I assumed that the dhcpd
> does not use the normal stack. But I did not understand this behavior,
> because when I look into the RFC regarding bootp/dhcp I found that this
> service is "defined to use the udp protocol"....
>
> thank you for your assistance,
> Martin
>
You should be able to block this traffic at the Ethernet level using
ebtables with something like this:

    ebtables [-t filter] -A INPUT -i eth0 -p ipv4 --ip-protocol 17 --ip-destination-port 67 -j DROP

This drops incoming Ethernet traffic to eth0 with an IPv4 protocol of 17
(UDP) destined for IP port 67.

-- 
gentoo-security@gentoo.org mailing list
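
To check which frames the rule above would select, the following added example (not part of the original message, and a simplified model rather than ebtables' own code) applies the same three match conditions to raw Ethernet frames. The function names and the sample frames are constructed for illustration.

```python
import struct

ETH_P_IP = 0x0800     # EtherType selected by "-p ipv4"
IPPROTO_UDP = 17      # "--ip-protocol 17"
BOOTPS_PORT = 67      # "--ip-destination-port 67"

def rule_matches(frame: bytes) -> bool:
    """Return True if the frame meets all three match conditions of the rule."""
    if len(frame) < 14 + 20:
        return False
    (ethertype,) = struct.unpack_from("!H", frame, 12)
    if ethertype != ETH_P_IP:            # e.g. ARP or IPv6
        return False
    ip = frame[14:]
    version, ihl = ip[0] >> 4, (ip[0] & 0x0F) * 4
    if version != 4 or ihl < 20 or len(ip) < ihl + 8:
        return False
    if ip[9] != IPPROTO_UDP:
        return False
    (frag,) = struct.unpack_from("!H", ip, 6)
    if frag & 0x1FFF:                    # later fragment carries no UDP header
        return False
    # The UDP header starts after a variable-length IP header (IHL).
    (dport,) = struct.unpack_from("!H", ip, ihl + 2)
    return dport == BOOTPS_PORT

def build_frame(dport, proto=IPPROTO_UDP, ethertype=ETH_P_IP,
                ip_options=b"", frag_off=0):
    """Constructed sample: broadcast Ethernet + IPv4 + UDP, no payload.
    Checksums are left at zero because the model does not verify them."""
    eth = b"\xff" * 6 + bytes.fromhex("020000000001") + struct.pack("!H", ethertype)
    ihl_words = 5 + len(ip_options) // 4
    ip = struct.pack("!BBHHHBBH4s4s", 0x40 | ihl_words, 0, ihl_words * 4 + 8,
                     0, frag_off, 64, proto, 0, bytes(4), b"\xff" * 4) + ip_options
    udp = struct.pack("!HHHH", 68, dport, 8, 0)
    return eth + ip + udp

if __name__ == "__main__":
    samples = {
        "DHCP client -> server (port 67)": build_frame(67),
        "DHCP server -> client (port 68)": build_frame(68),
        "TCP to port 67": build_frame(67, proto=6),
        "port 67 with IP options (IHL=6)": build_frame(67, ip_options=b"\x01" * 4),
        "non-first fragment": build_frame(67, frag_off=185),
    }
    for name, frame in samples.items():
        print(f"{name}: {'DROP' if rule_matches(frame) else 'no match'}")
```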