<br><br><div><span class="gmail_quote">On 8/9/07, <b class="gmail_sendername">J Silverman</b> <<a href="mailto:g1powermac@yahoo.com">g1powermac@yahoo.com</a>> wrote:</span><blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">
Hello Simon,<br><br>Thanks for the info. However, I think I found an issue with this setup. On the routers, all the physical interfaces and the VPN interface are bridged together, so to dnsmasq it only sees one interface, if I'm reading this correctly. So, I can't tell it to ignore the vpn interface, since to it, it's all under the bigger bridged interface and I also can't tell it to ignore the bridged interface since then I'd have no dhcp for the entire network. Would you have any suggestions on how to get around this?
</blockquote><div><br>Use iptables and the physdev module to selectively drop bootp traffic (udp port 67) to'/from the vpn interface.<br><br> </div><br><blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">
<span class="q">Thanks,<br>J Silverman<br><br><b><i>Simon Kelley <<a href="mailto:simon@thekelleys.org.uk" target="_blank" onclick="return top.js.OpenExtLink(window,event,this)">simon@thekelleys.org.uk</a>></i></b> wrote:
</span><blockquote style="border-left: 2px solid rgb(16, 16, 255); margin-left: 5px; padding-left: 5px;"><span class="q"> J Silverman wrote:<br>> Hello Simon,<br>> <br>> I was just researching this a bit more and was thinking of using
<br></span>> except-interface=. Would the no-dhcp-interface be<span class="q"><br>> a better
choice?<br><br>Both will work: the difference is that except-interface tells dnsmasq to<br>ignore DNS queries arriving on that interface, as well as DHCP and TFTP.<br>no-dhcp-interface stops DHCP and TFTP, but allows DNS. In your case you
<br>probably won't have DNS queries crossing the bridge, but there's no<br>particular reason to block them.<br><br>Cheers,<br><br>Simon.<br></span></blockquote><br><p>
</p><hr size="1"><a href="http://us.rd.yahoo.com/evt=48250/*http://searchmarketing.yahoo.com/arp/sponsoredsearch_v9.php?o=US2226&cmp=Yahoo&ctv=AprNI&s=Y&s2=EM&b=50" target="_blank" onclick="return top.js.OpenExtLink(window,event,this)">
Pinpoint customers </a>who are looking for what you sell.
<p></p><br>_______________________________________________<br>Dnsmasq-discuss mailing list<br><a onclick="return top.js.OpenExtLink(window,event,this)" href="mailto:Dnsmasq-discuss@lists.thekelleys.org.uk">Dnsmasq-discuss@lists.thekelleys.org.uk
</a><br><a onclick="return top.js.OpenExtLink(window,event,this)" href="http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss" target="_blank">http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss</a><br>
<br></blockquote></div><br>