dhclient ignores firewall rules on Linux

Andrew Pollock apollock at debian.org
Mon Sep 19 22:24:34 UTC 2005


Hi,

Anyone care to comment on this bug report?

Please maintain the Cc line so that the original submitter and our BTS
is kept in the loop.

regards

Andrew

On Wed, Apr 20, 2005 at 01:16:40PM +0200, Martin Samuelsson wrote:
> Package: dhcp3-client
> Version: 3.0.1-1
> 
> This is not reported against the latest version, but the debian changelog
> lists nothing relevant to the problem.
> 
> After running:
> 
> leka# iptables --append INPUT --source 192.168.1.1 -j DROP
> leka# iptables --append INPUT --match mac --mac-source 00:30:54:40:00:40 -j DROP
> 
> I would expect not to get replies from a bogus client set up as a server.
> However they still reach dhclient and assign me a useless address.
> Both the packets and bytes counters increase, so surely the kernel does
> actually drop them.
> 
> (Yes I told the network admin yesterday and gave him full information,
> but it is still around somewhere. The network being wireless makes it a
> bit tricky to figure out who is the criminal)
> 
> The reason can be read in the README, I assume this is it:
> 
> "
> This isn't generally a problem on Linux 2.2 and later kernels, since we
> completely bypass the Linux IP stack,
> "
> 
> When a piece of software completely bypasses its operating system it
> should still behave as if it didn't. In this case apply those firewall
> rules on incoming packets.
> 
> Thanks,
> --
> /Martin
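The mechanism behind the report: dhclient reads frames from a packet socket below the IP stack, so netfilter's INPUT chain (and therefore the two iptables rules above) never sees the replies. A client working at that layer has to apply its own source filtering. The following is an added example, not dhclient's code or anything from the dhcp-hackers thread; it parses a raw Ethernet/IPv4/UDP DHCP reply and drops it when the sender MAC, the sender IP or the advertised server identifier is on a reject list. The reject entries are the MAC and IP from the report; the client MAC, the "good" server and the offered addresses are constructed for the demonstration.

```python
"""Source filtering for DHCP replies read from a packet socket.

A client that receives frames directly from the link layer never passes them
through netfilter's INPUT chain, so iptables rules on the source IP or MAC are
not applied. This module shows the equivalent check done in user space.

Added example; the frames below are constructed for the demonstration.
"""
import struct
from ipaddress import ip_address, ip_network

DHCP_MAGIC = b"\x63\x82\x53\x63"
OPT_MSG_TYPE, OPT_SERVER_ID, OPT_END, OPT_PAD = 53, 54, 255, 0


def mac_bytes(mac: str) -> bytes:
    return bytes.fromhex(mac.replace(":", ""))


def mac_str(raw: bytes) -> str:
    return ":".join(f"{b:02x}" for b in raw)


def build_dhcp_offer(src_mac, dst_mac, src_ip, server_id, yiaddr, xid=0x3903F326):
    """Build an Ethernet/IPv4/UDP DHCPOFFER frame (constructed test input).
    IP and UDP checksums are left at zero; the parser does not verify them."""
    options = (bytes([OPT_MSG_TYPE, 1, 2])                    # option 53: DHCPOFFER
               + bytes([OPT_SERVER_ID, 4]) + ip_address(server_id).packed
               + bytes([OPT_END]))
    bootp = struct.pack(
        "!BBBBIHH4s4s4s4s16s64s128s",
        2, 1, 6, 0, xid, 0, 0,                                # BOOTREPLY, Ethernet, hlen 6
        b"\0" * 4, ip_address(yiaddr).packed,                 # ciaddr, yiaddr
        ip_address(server_id).packed, b"\0" * 4,              # siaddr, giaddr
        mac_bytes(dst_mac).ljust(16, b"\0"), b"\0" * 64, b"\0" * 128,
    ) + DHCP_MAGIC + options
    udp = struct.pack("!HHHH", 67, 68, 8 + len(bootp), 0) + bootp
    ip_hdr = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(udp), 0, 0, 64, 17, 0,
                         ip_address(src_ip).packed, b"\xff\xff\xff\xff")
    return mac_bytes(dst_mac) + mac_bytes(src_mac) + b"\x08\x00" + ip_hdr + udp


def parse_dhcp_reply(frame: bytes) -> dict:
    """Extract the link-layer and IP sources plus the DHCP options of a reply."""
    _dst, src_mac, ethertype = struct.unpack_from("!6s6sH", frame, 0)
    if ethertype != 0x0800:
        raise ValueError("not an IPv4 frame")
    ip_off = 14
    ihl = (frame[ip_off] & 0x0F) * 4
    if frame[ip_off + 9] != 17:
        raise ValueError("not UDP")
    src_ip = ip_address(frame[ip_off + 12:ip_off + 16])
    udp_off = ip_off + ihl
    sport, dport, _ulen, _csum = struct.unpack_from("!HHHH", frame, udp_off)
    if (sport, dport) != (67, 68):
        raise ValueError("not a DHCP server-to-client datagram")
    bootp = frame[udp_off + 8:]
    if len(bootp) < 240 or bootp[236:240] != DHCP_MAGIC:
        raise ValueError("not a BOOTP/DHCP message")
    options, i = {}, 240
    while i < len(bootp):                  # TLV walk over the options; stops at END
        code = bootp[i]
        if code == OPT_END:
            break
        if code == OPT_PAD:
            i += 1
            continue
        length = bootp[i + 1]
        options[code] = bootp[i + 2:i + 2 + length]
        i += 2 + length
    sid = options.get(OPT_SERVER_ID)
    return {
        "src_mac": mac_str(src_mac),
        "src_ip": src_ip,
        "msg_type": options.get(OPT_MSG_TYPE, b"\0")[0],
        "server_id": ip_address(sid) if sid and len(sid) == 4 else None,
        "yiaddr": ip_address(bootp[16:20]),
    }


def reply_is_acceptable(info: dict, reject_macs, reject_nets) -> bool:
    """Apply the reject list to sender MAC, sender IP and server identifier;
    a misbehaving server may change any one of them, so all three are checked."""
    if info["src_mac"] in reject_macs:
        return False
    for net in reject_nets:
        if info["src_ip"] in net:
            return False
        if info["server_id"] is not None and info["server_id"] in net:
            return False
    return True


def accepted_offers(frames, reject_macs, reject_nets):
    """Return the offered address of every reply that survives the filter."""
    return [str(parse_dhcp_reply(f)["yiaddr"]) for f in frames
            if reply_is_acceptable(parse_dhcp_reply(f), reject_macs, reject_nets)]


# Reject list taken from the two iptables rules in the report.
REJECT_MACS = {"00:30:54:40:00:40"}
REJECT_NETS = [ip_network("192.168.1.1/32")]

CLIENT_MAC = "00:11:22:33:44:55"                                # constructed
ROGUE_OFFER = build_dhcp_offer("00:30:54:40:00:40", CLIENT_MAC,
                               "192.168.1.1", "192.168.1.1", "10.0.0.5")
GOOD_OFFER = build_dhcp_offer("00:aa:bb:cc:dd:ee", CLIENT_MAC,  # constructed
                              "192.168.1.254", "192.168.1.254", "192.168.1.50")

if __name__ == "__main__":
    for name, frame in (("rogue", ROGUE_OFFER), ("legit", GOOD_OFFER)):
        info = parse_dhcp_reply(frame)
        verdict = "accept" if reply_is_acceptable(info, REJECT_MACS, REJECT_NETS) else "drop"
        print(f"{name}: {info['src_mac']} / {info['src_ip']} offers {info['yiaddr']} -> {verdict}")
```

The same idea is what ISC dhclient exposes as the `reject` statement in dhclient.conf (`reject 192.168.1.1;`), which matches on the server identifier option; the user-space check above additionally covers the link-layer source, which is the only field the report's second iptables rule looked at.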
