Hi folks, I'm encountering a rather frustrating little problem when trying to get DHCP assigned addresses from a newly set up 3 port firewall machine using SuSE Linux 6.3 (base and all packages updated to the latest versions from a SuSE linux mirror yesterday), and firewals 1.9 beta downloaded from www.suse.de/~marc Here's the problem: eth0 is the card connected to the internet / my company's lan. It has an ip address and can talk to the world at will. No problem there. eth1 is set up as 192.168.1.1, DHCPD is running and is listening to eth1 no problem. So long as the firewall script is *not* running, a client machine on a hub hooked to the firewall machine's eth1 card can request an IP using the dhcp protocol, and it gets 192.168.1.100, just as set up in /etc/ dhcpd.conf. DHCPD _works_, no problem here. Activiate the firewall script (/sbin/init.d/firewall start), and if you release/request an IP from the same client, you're dead. You can't get through to DHCPD to get your IP. I've tried setting the following settings in /etc/rc.firewall but to no avail: FW_DEV_WORLD="eth0" FW_DEV_INT="eth1" FW_ROUTE="yes" FW_MASQUERADE="yes" FW_MASQ_NETS="192.168.1.0/24" FW_MASQ_DEV="$FW_DEV_WORLD" FW_PROTECT_FROM_INTERNAL="yes" FW_AUTOPROTECT_GLOBAL_SERVICES="yes" # bootps = Bootstrap Protocol Server, port 67 # bootpc = Bootstrap Protocol Client, port 68 FW_SERVICES_INTERNAL_TCP="bootps bootpc" FW_SERVICES_INTERNAL_UDP="bootps bootpc" At the time the client machine is making the DHCP request, it has no IP assigned, and I'm thinking that might be the problem. Without an IP, the filter rules in IPChains set by the firewals package/firewall script might not allow 0.0.0.0 to come in on eth1. It's a nice theory, but I have *no* idea how to solve this. :-( Any ideas folks? This only seems to be an issue with DHCP, when the client does *not* have an assigned IP address... Argentium [ Confused ] -- To unsubscribe send e-mail to suse-linux-e-unsubscribe@suse.com For additional commands send e-mail to suse-linux-e-help@suse.com Also check the FAQ at http://www.suse.com/Support/Doku/FAQ/