Subject: dhcp answers
To: None <netbsd-help@netbsd.org>
From: Mipam <mipam@ibb.net>
List: netbsd-help
Date: 01/24/2001 13:56:37
Hi,

I am using a machine which obtains an IP from a dhcp machine.
I am also running ipf and blocking all, except for some conditions,
or else I couldn't send this mail :)
Normally a dhcp request is sent out to 255.255.255.255 port 67 tcp
from my machine (correct me where I am wrong).
An answer comes back to me on port 68 tcp from the dhcp machine.

Strangely enough, when booting I see that ipfilter is initialized
and after that dhcp is done to obtain an address, and the answer to
me is allowed to come in despite the block in all rule at
the start. I must admit that I also have a rule that
allows me to send out such traffic and is keeping state.
But because the reply is normally sent to port 68, I do not expect
that the reply is seen as a part of the connection.
Could be wrong here though ....

Basically I am asking: do I have to add an extra rule
to accept traffic to port 68 tcp from the dhcp machine from port 67,
or is the reply already allowed to come in because of the state keeping
in the outgoing connection?
Bye,

Mipam.