[Dnsmasq-discuss] DHCP for multiple address not in the eth0
Kiswono Prayogo
kiswono at gmail.com
Wed Feb 3 23:55:34 GMT 2010
yes, i use iptables.. hmm.. am i forgot to open some port that used by
dhcp? these are some of my default policies:
## clear all rules
iptables -F
iptables -X
iptables -Z
iptables -t filter -F
iptables -t filter -X
iptables -t filter -Z
iptables -t nat -F
iptables -t nat -X
iptables -t nat -Z
iptables -t mangle -F
iptables -t mangle -X
iptables -t mangle -Z
## default policy
iptables -P FORWARD DROP
#iptables -P FORWARD ACCEPT
iptables -P INPUT DROP
iptables -P OUTPUT ACCEPT
## allow localhost
iptables -A INPUT -i lo -j ACCEPT
## allow some ports
iptables -A INPUT -p TCP --dport 80 -j ACCEPT # http
iptables -A INPUT -p TCP --dport 443 -j ACCEPT # https
iptables -A INPUT -p TCP --dport 53 -j ACCEPT # dns
iptables -A INPUT -p TCP --dport 123 -j ACCEPT # ntp
iptables -A INPUT -p UDP --dport 53 -j ACCEPT # dns
iptables -A INPUT -p UDP --dport 123 -j ACCEPT # ntp
iptables -A INPUT -p ICMP -j ACCEPT
iptables -A INPUT -p GRE -j ACCEPT
#... many others forwarding policies
iptables -A POSTROUTING -t nat -o $ee -j MASQUERADE
echo 1 > /proc/sys/net/ipv4/ip_forward
--
Regards,
Kiswono P
GB
More information about the Dnsmasq-discuss
mailing list