On Jan 5,  7:08pm, khym@azeotrope.org (Dave Huang) wrote:
-- Subject: Re: dhcpd(8) _cannot_ be completely disabled on an interface

Ah, I see he was trying to use ipf to limit further dhcpd internally.
The solution here is to use fixed leases and not allow dynamic addresses.
But that does not address the nmap problem.


christos

| Isn't that what the following does?
| 
| > >dhcpd=YES               dhcpd_flags="-q le0 ray0"
| 
| > >To review:
| > >
| > >Inside interfaces are ray0 and le0 (yes, dhcp is limited to a specific
| > >set of hardware addresses on ray0.  that's another discussion).  Outside
| > >interface is vr0.
-- End of excerpt from Dave Huang