Subject: Re: simple ipfilter-question
To: None <netbsd-users@NetBSD.org>
From: Jukka Salmi <j+nbsd@2006.salmi.ch>
List: netbsd-users
Date: 01/03/2006 10:45:04
Petar Bogdanovic --> netbsd-users (2006-01-02 21:15:42 +0100):
[...]
> The bpf(4)-use of dhcpd seems not to be indisputable..
>
> http://mail-index.netbsd.org/tech-security/2002/01/05/0000.html
>
>
> However, I don't know what happened in the meantime.
I can't reproduce the problem described in the post:
$ uname -srp
NetBSD 2.1_STABLE i386
$ ps -ax | grep dhc
309 ?? Ss 0:00.64 /usr/sbin/dhcpd -q fxp0
$ ipf -V
ipf: IP Filter: v4.1.3 (396)
Kernel: IP Filter: v4.1.3
[...]
$ ipfstat -ion
@1 pass out all
@1 pass in all
@2 block return-icmp-as-dest(port-unr) in quick on fxp0 from any to any port = 68
Running nmap (3.95) on this machine from another system:
$ nmap -sU -p67,68 $host
[...]
PORT STATE SERVICE
67/udp open|filtered dhcpserver
68/udp closed dhcpclient
[...]
Cheers, Jukka
--
bashian roulette:
$ ((RANDOM%6)) || rm -rf ~