[OmniOS-discuss] help with ipfilter rule for DHCP client
Michael Mounteney
gate03 at landcroft.co.uk
Wed Dec 3 20:28:47 UTC 2014
Hello, I tightened up my ipfilter rules and somehow cut out DHCP.
Could someone who knows DHCP better than me please have a look and
tell me what's missing. I pulled ipf.conf from an Oracle page so it
must be slightly different in some respect.
What I have now is
pass in on e1000g1 all
pass in on e1000g0 all
pass out on e1000g1 all
pass out on e1000g0 all
where:
e1000g0 is connected to my ISP's cable modem and picks up its address
via DHCP in the range 192.168.0.2 to 192.168.0.254
e1000g1 is the local network interface, statically set to 192.168.1.1
It was working after I changed the rules to those below, even after
restarting service ipfilter, but I suppose it didn't have to renew the
lease at that time.
Dec 3 16:47:34 world /sbin/dhcpagent[106]: [ID 490758 daemon.error] send_pkt_internal: cannot send REQUEST packet to server (will retry in 63 seconds): Network is unreachable
Dec 3 16:48:34 world ipf: [ID 774698 kern.info] IP Filter: v4.1.9, running.
Dec 3 16:48:39 world /sbin/dhcpagent[106]: [ID 778557 daemon.warning] configure_v4_lease: no IP broadcast specified for e1000g0, making best guess
The rules were as at http://pastebin.com/4aYyZhJ8 -- posted there to avoid a long message.
Can I also suggest that for the sake of anyone searching for this later, that you copy and repost any relevant lines from the rule set.
Thanks in anticipation, Michael.
More information about the OmniOS-discuss
mailing list