[Dnsmasq-discuss] Re: DCHP server not assign IP addresses

Paul Chambers bod at bod.org
Tue Nov 18 16:15:57 GMT 2008


I'm a little more familiar with iptables, and Rune is right - there are 
no rules in your INPUT table that accept the initial DHCP packets (which 
don't have an IP address yet). Looks like eth0 is your external 
interface, and eth1 is the internal one? then you want something like:

-A INPUT -i eth1 -p udp -m udp --dport 67:68 -j ACCEPT

and not the rule you have:

-A udpincoming_packets -i eth1 -p udp -m udp --dport 67:68 -j ACCEPT

since the udpincoming_packets chain is only invoked for traffic arriving 
on eth0 - so this rule will never fire (a given packet can't be -i eth0 
and -i eth1 simultaneously!)

-- Paul

Rune Kock wrote:
> On Tue, Nov 18, 2008 at 13:05, Troy Piggins <troy at piggo.com> wrote:
>   
>> * Rune Kock wrote :
>> <snip />
>>     
>>> I still think that the firewall is the most likely problem.  Or is
>>> there some kind of router/wireless between the NAS and your dnsmasq
>>> machine?
>>>       
>> To be honest, it can't be the firewall anyway.  All traffic from
>> the internal network is allowed by default.  The only
>> blocking/dropping rules are on the external interface.
>>     
>
> As I said, iptables is not a strong point for me.  But when I read
> your setup, it seems that you do not actually accept ethernet
> broadcasts; you only accept 192.168.xxx.xxx packets, and obviously,
> the NAS will not know to use that address range the first time.
>
> Maybe something like:
> -m addrtype --dst-type BROADCAST -j ACCEPT
>
> _______________________________________________
> Dnsmasq-discuss mailing list
> Dnsmasq-discuss at lists.thekelleys.org.uk
> http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss
>   

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/attachments/20081118/30bf679c/attachment.htm


More information about the Dnsmasq-discuss mailing list