-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Mon, 7 Jan 2002, Todd Vierling wrote:

>Note that dhcpd *does* open a socket on port 68, bound to all interfaces,
>for the purpose of direct communication and fallback.  So it's possible that
>either (1) we have a bug in packet processing somewhere, or (2) the original
>poster didn't have ipf set Correctly for testing (maybe just a simple
>oversight).
>
>This "bug" needs much more analysis before coming to conclusions about how
>to "fix" it.

Several people have reviewed the ipf config used here, and several
people have reproduced the problem with their own ipf configs.

I am not currently in a position to judge whether this is a dhcpd bug or
something else.  It _is_ occuring, and as Michael Richardson (who has
also reproduced the problem) has pointed out, it's _not_ acceptable.

If bpf is not listening on that interface, we need to determine how nmap
is getting a response from the host, and how the ipf rule governing port
68 is not getting hit (as ipfstat confirms).

Any thoughts?

- -- 
				Jim Wise
				jwise@draga.com
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (NetBSD)
Comment: For info see http://www.gnupg.org

iD8DBQE8Oe/yN71lEcOYcw4RArQ5AJ9zp5vvuIZiRIahBhqjJEqX45dahQCg0Bby
repBU5aTgnWvJG5VC1BHq+4=
=E3uZ
-----END PGP SIGNATURE-----