Please note: this may be a duplicate post. If so, please disregard
it; I thought I had send it but could not find any evidence of having
done so.
Erwin Lam
Well,... I am not an expert in this matter and I don't understand it either, but could you please post that log entry so we can have a look at it.
OK, here it is. I have mangled my IP address, replacing it with 64.85.299.299. ,---- | Apr 6 07:50:33 wally kernel: SuSE-FW-DROP-ANTI-SPOOFING IN=eth1 OUT= MAC= SRC=64.85.299.299 DST=255.255.255.255 LEN=328 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=UDP SPT=68 DPT=67 LEN=308 `---- What's interesting here is that this appears to be the _request_ from dhclient to the server that's being dropped, rather than the response from the server. But if so, how did it wind up on the INPUT chain? Now I'm more confused than ever. -- Alan Hadsell "Whatever does not kill me makes me stranger".