[Dnsmasq-discuss] Re: DCHP server not assign IP addresses
Paul Chambers
bod at bod.org
Tue Nov 18 16:15:57 GMT 2008
I'm a little more familiar with iptables, and Rune is right - there are
no rules in your INPUT table that accept the initial DHCP packets (which
don't have an IP address yet). Looks like eth0 is your external
interface, and eth1 is the internal one? then you want something like:
-A INPUT -i eth1 -p udp -m udp --dport 67:68 -j ACCEPT
and not the rule you have:
-A udpincoming_packets -i eth1 -p udp -m udp --dport 67:68 -j ACCEPT
since the udpincoming_packets chain is only invoked for traffic arriving
on eth0 - so this rule will never fire (a given packet can't be -i eth0
and -i eth1 simultaneously!)
-- Paul
Rune Kock wrote:
> On Tue, Nov 18, 2008 at 13:05, Troy Piggins <troy at piggo.com> wrote:
>
>> * Rune Kock wrote :
>> <snip />
>>
>>> I still think that the firewall is the most likely problem. Or is
>>> there some kind of router/wireless between the NAS and your dnsmasq
>>> machine?
>>>
>> To be honest, it can't be the firewall anyway. All traffic from
>> the internal network is allowed by default. The only
>> blocking/dropping rules are on the external interface.
>>
>
> As I said, iptables is not a strong point for me. But when I read
> your setup, it seems that you do not actually accept ethernet
> broadcasts; you only accept 192.168.xxx.xxx packets, and obviously,
> the NAS will not know to use that address range the first time.
>
> Maybe something like:
> -m addrtype --dst-type BROADCAST -j ACCEPT
>
> _______________________________________________
> Dnsmasq-discuss mailing list
> Dnsmasq-discuss at lists.thekelleys.org.uk
> http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/attachments/20081118/30bf679c/attachment.htm
More information about the Dnsmasq-discuss
mailing list