Hi. I have a customer using an ADSL connection, that gives the IP address using DHCP. The SuSE release is SuSE 8.1. All current YOU patches is installed. The customer is also running a local DHCP server to provide internal IP's to the other machines on the local network. As can be seen in the log here the firewall is blocking a broadcast from the providers DHCP server (if I'm not mistaken). The following fragment is repeated for each time i give the command "ifup-dhcp eth0". I have replaced the IP the customer get's when the firewall is not running with xxx.xxx.xxx.xxx in the log below. Feb 19 13:20:01 linux kernel: SuSE-FW-ILLEGAL-TARGET IN=eth0 OUT= MAC=00:40:f4:64:5e:31:00:02:3b:02:10:fc:08:00 SRC=10.0.0.1 DST=xxx.xxx.xxx.xxx LEN=180 TOS=0x00 PREC=0x00 TTL=62 ID=47999 PROTO=UDP SPT=53 DPT=1039 LEN=160 Feb 19 13:20:02 linux kernel: SuSE-FW-ILLEGAL-TARGET IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:05:5d:79:d1:b7:08:00 SRC=10.1.1.1 DST=255.255.255.255 LEN=308 TOS=0x00 PREC=0x00 TTL=64 ID=160 PROTO=UDP SPT=67 DPT=68 LEN=288 Feb 19 13:20:02 linux kernel: SuSE-FW-ILLEGAL-TARGET IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:05:5d:79:d1:b7:08:00 SRC=10.1.1.1 DST=255.255.255.255 LEN=299 TOS=0x00 PREC=0x00 TTL=64 ID=161 PROTO=UDP SPT=67 DPT=68 LEN=279 Feb 19 13:20:03 linux kernel: SuSE-FW-ILLEGAL-ROUTING IN=eth0 OUT=eth2 SRC=10.0.0.2 DST=192.168.4.2 LEN=148 TOS=0x00 PREC=0x00 TTL=61 ID=59750 PROTO=UDP SPT=53 DPT=12996 LEN=128 Feb 19 13:20:06 linux kernel: SuSE-FW-ILLEGAL-TARGET IN=eth0 OUT= MAC=00:40:f4:64:5e:31:00:02:3b:02:10:fc:08:00 SRC=10.0.0.2 DST=xxx.xxx.xxx.xxx LEN=203 TOS=0x00 PREC=0x00 TTL=62 ID=59797 PROTO=UDP SPT=53 DPT=1040 LEN=183 Feb 19 13:20:08 linux kernel: SuSE-FW-ILLEGAL-ROUTING IN=eth0 OUT=eth2 SRC=10.0.0.1 DST=192.168.4.2 LEN=148 TOS=0x00 PREC=0x00 TTL=61 ID=49609 PROTO=UDP SPT=53 DPT=12997 LEN=128 Feb 19 13:20:10 linux dhcpcd[9574]: timed out waiting for a valid DHCP server response Feb 19 13:20:11 linux modify_resolvconf: restored /etc/resolv.conf.saved.by.dhcpcd to /etc/resolv.conf All nondefault settings in the /etc/sysconfig/SuSEfirewall2 below: FW_DEV_EXT="eth0" FW_DEV_INT="eth2" FW_DEV_DMZ="eth1" FW_ROUTE="yes" FW_MASQUERADE="yes" FW_MASQ_NETS="0/0" FW_SERVICES_EXT_TCP="ssh ntp 67 68" FW_SERVICES_EXT_UDP="ntp 67 68" FW_SERVICES_DMZ_TCP="ssh" FW_SERVICES_INT_TCP="ssh ntp" FW_SERVICES_INT_UDP="ntp" FW_TRUSTED_NETS="10.0.0.0/8,icmp 10.0.0.0/8,udp,68" FW_ALLOW_INCOMING_HIGHPORTS_TCP="yes" FW_ALLOW_INCOMING_HIGHPORTS_UDP="yes" FW_SERVICE_DHCLIENT="yes" FW_SERVICE_DHCPD="yes" FW_LOG_DROP_ALL="yes" FW_KERNEL_SECURITY="no" I thought the FW_SERVICE_DHCLIENT="yes" should help me, but it did not. Anyone have any pointers to how I can fix this? -- Stefan Nilsen MILLNET AB 013-25 40 19 0736-330 382 stefan.nilsen@millnet.se http://www.millnet.se
I have a customer using an ADSL connection, that gives the IP address using DHCP.
The SuSE release is SuSE 8.1. All current YOU patches is installed. The customer is also running a local DHCP server to provide internal IP's to the other machines on the local network.
I changed /etc/sysconfig/network/dhcp DHCLIENT_SET_HOSTNAME from "yes" to "no" and now I can get the IP from the ISP DHCP server without problems. Just because im curious, in what way can that setting make the DHCP client not get an IP, and *only* when the firewall is active? Should I report this as a bug to the maker of dhcpcd or is it a SuSE bug, or maybe it isn't a bug at all? -- Stefan Nilsen MILLNET AB 013-25 40 19 0736-330 382 stefan.nilsen@millnet.se http://www.millnet.se
participants (1)
-
Stefan Nilsen