Hallo Andreas, Am Mittwoch, 8. September 2004 14:57 schrieb Andreas Feile:
Tach,
mir fällt folgendes auf:
Lothar Vorrath, Mittwoch, 8. September 2004 14:34:
option netbios-name-servers 192.168.0.1;
Diese Option gibts in meiner man-page nicht (dhcp-server-3.0.1rc10-63), ...
allow unknown-clients;
...und diese auch nicht. Startet der dhcpd wirklich fehlerfrei hoch? Was sagt ein tail -f /var/log/messages | grep dhcp während des Starts? Hast Du vielleicht eine Firewall am laufen, die die Anfragen blockt?
-- Antworten an lists@feile.net werden in /dev/null archiviert! Bitte ggf. lists... durch mail... ersetzen.
Andreas Feile www.feile.net
erstmal vielen Dank für deine Antwort. Die Option allow unknown-clients steht in "man dhcpd.conf". Die andere Option hab ich auch irgendwo her, aber finde das im Moment nicht. Allerdings sind beide Option erst nachdem es klappte von mir eingefügt worden. Hier mal das Protokoll bei Start von dhcpd Sep 8 15:27:48 tux su: (to root) lothar on /dev/pts/2 Sep 8 15:27:48 tux su: pam_unix2: session started for user root, service su Sep 8 15:28:02 tux dhcpd: Internet Software Consortium DHCP Server V3.0.1rc13 Sep 8 15:28:02 tux dhcpd: Copyright 1995-2003 Internet Software Consortium. Sep 8 15:28:02 tux dhcpd: All rights reserved. Sep 8 15:28:02 tux dhcpd: For info, please visit http://www.isc.org/products/DHCP Sep 8 15:28:02 tux dhcpd: Not searching LDAP since ldap-server, ldap-port and ldap-base-dn were not specified in the config file Sep 8 15:28:02 tux dhcpd: Internet Software Consortium DHCP Server V3.0.1rc13 Sep 8 15:28:02 tux dhcpd: Copyright 1995-2003 Internet Software Consortium. Sep 8 15:28:02 tux dhcpd: All rights reserved. Sep 8 15:28:02 tux dhcpd: For info, please visit http://www.isc.org/products/DHCP Sep 8 15:28:02 tux dhcpd: Not searching LDAP since ldap-server, ldap-port and ldap-base-dn were not specified in the config file Sep 8 15:28:02 tux dhcpd: Wrote 0 leases to leases file. Sep 8 15:28:02 tux dhcpd: Listening on Socket/eth1/192.168.0.0/24 Sep 8 15:28:02 tux dhcpd: Sending on Socket/eth1/192.168.0.0/24 Sep 8 15:28:02 tux dhcpd: Sending on Socket/fallback/fallback-net Das interne Netz sollte eigentlich alles können. Ein iptables -L ergibt tux:/home/lothar # iptables -L Chain INPUT (policy DROP) target prot opt source destination ACCEPT all -- anywhere anywhere bad_packets all -- anywhere anywhere DROP all -- anywhere ALL-SYSTEMS.MCAST.NET ACCEPT all -- 192.168.0.0/24 anywhere ACCEPT all -- anywhere 192.168.0.255 ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED tcp_inbound tcp -- anywhere anywhere udp_inbound udp -- anywhere anywhere icmp_packets icmp -- anywhere anywhere DROP all -- anywhere 255.255.255.255 Chain FORWARD (policy DROP) target prot opt source destination bad_packets all -- anywhere anywhere tcp_outbound tcp -- anywhere anywhere udp_outbound udp -- anywhere anywhere ACCEPT all -- anywhere anywhere ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED Chain OUTPUT (policy DROP) target prot opt source destination DROP icmp -- anywhere anywhere state INVALID ACCEPT all -- localhost anywhere ACCEPT all -- anywhere anywhere ACCEPT all -- tux.vorrath.home anywhere ACCEPT all -- anywhere anywhere ACCEPT all -- anywhere anywhere LOG all -- anywhere anywhere limit: avg 3/min burst 3 LOG level warning prefix `OUTPUT packet died: ' Chain bad_packets (2 references) target prot opt source destination LOG all -- anywhere anywhere state INVALID LOG level warning prefix `Invalid packet: ' DROP all -- anywhere anywhere state INVALID bad_tcp_packets tcp -- anywhere anywhere RETURN all -- anywhere anywhere Chain bad_tcp_packets (1 references) target prot opt source destination RETURN tcp -- anywhere anywhere LOG tcp -- anywhere anywhere tcp flags:!SYN,RST,ACK/SYN state NEW LOG level warning prefix `New not syn: ' DROP tcp -- anywhere anywhere tcp flags:!SYN,RST,ACK/SYN state NEW RETURN tcp -- anywhere anywhere Chain icmp_packets (1 references) target prot opt source destination LOG icmp -f anywhere anywhere LOG level warning prefix `ICMP Fragment: ' DROP icmp -f anywhere anywhere LOG icmp -- anywhere anywhere icmp echo-request LOG level warning prefix `Ping detected: ' ACCEPT icmp -- anywhere anywhere icmp echo-request DROP icmp -- anywhere anywhere icmp echo-request ACCEPT icmp -- anywhere anywhere icmp time-exceeded RETURN icmp -- anywhere anywhere Chain tcp_inbound (1 references) target prot opt source destination ACCEPT tcp -- anywhere anywhere tcp dpt:http RETURN tcp -- anywhere anywhere Chain tcp_outbound (1 references) target prot opt source destination REJECT tcp -- anywhere anywhere tcp dpt:irc reject-with icmp-port-unreachable REJECT tcp -- anywhere anywhere tcp dpt:telnet reject-with icmp-port-unreachable ACCEPT tcp -- anywhere anywhere Chain udp_inbound (1 references) target prot opt source destination DROP udp -- anywhere anywhere udp dpt:netbios-ns DROP udp -- anywhere anywhere udp dpt:netbios-dgm ACCEPT udp -- anywhere anywhere udp spt:bootps dpt:bootpc RETURN udp -- anywhere anywhere Chain udp_outbound (1 references) target prot opt source destination ACCEPT udp -- anywhere anywhere Lothar