02-13-2013
Hi bakunin,
Thanks for your explanation.
Which brings me to think that DGPickett's idea was the best option: "Add a firewall".
So that I can just refuse any incoming request from unknown hosts.
I'll try and figure that out with the system administrator.
Regards
Santiago
9 More Discussions You Might Find Interesting
1. UNIX for Advanced & Expert Users
(GNU/Linux)
Ain't it possible to force dhcpd to NOT send any DHCP Offers on a specific interface?
I dont want dhcpd to answer on eth0 but do answer on eth1.
best regards /Esaia (2 Replies)
Discussion started by: Esaia
2 Replies
2. Linux
I have intall a REdhat 9.0 as a server and Ive configure to act as a DHCP however Im having technical problems b/c the file /etc/dhcpd.conf does not exists. I went to the text edit and I created :
subnet 192.192.168.100.0 netmask 255.255.255.0 {
range 192.168.100.10 192.168.100.150;... (1 Reply)
Discussion started by: keliy1
1 Replies
3. UNIX for Advanced & Expert Users
I want to change the password for dhcpd so I can give it to the dhcp operator to handle dhcp server. however, when I use passwd to change the password, it prompt me with
changing password for dhcpd.
old password:
my question is that I have never set dhcpd password before, so what is the old... (1 Reply)
Discussion started by: fredao
1 Replies
4. Linux
Hi All,
I'm curious about what this community would think about this portion of a dhcpd.conf file:
subnet 192.168.1.0 netmask 255.255.255.0 {
...
...other parameters/options...
...
range 192.168.1.3 192.168.1.253
range 172.16.0.2 172.16.0.50
}
I tested this and... (1 Reply)
Discussion started by: Keene44
1 Replies
5. IP Networking
Hi All,
I'm curious about what this community would think about this portion of a dhcpd.conf file:
subnet 192.168.1.0 netmask 255.255.255.0 {
...
...other parameters/options...
...
range 192.168.1.3 192.168.1.253
range 172.16.0.2 172.16.0.50
}
I tested this and dhcpd did not barf... (1 Reply)
Discussion started by: Keene44
1 Replies
6. UNIX for Advanced & Expert Users
Hi All,
I'm curious about what this community would think about this portion of a dhcpd.conf file:
subnet 192.168.1.0 netmask 255.255.255.0 {
...
...other parameters/options...
...
range 192.168.1.3 192.168.1.253
range 172.16.0.2 172.16.0.50
}
I tested this and dhcpd did not barf... (2 Replies)
Discussion started by: Keene44
2 Replies
7. IP Networking
I have two items, only related because they are both regarding dhcpd.
First of all, I keep seeing dhcpd responding to DHCPREQUESTs on eth1 which is my cable modem. For example:
Sep 12 21:00:09 plague dhclient: DHCPREQUEST on eth1 to 204.186.xxx.xxx port 67
Sep 12 21:00:09 plague dhcpd:... (2 Replies)
Discussion started by: NESter
2 Replies
8. Linux
Hi I am a bit confused, I want to setup failover within dhcpd. There are multiple subnets and hosts with static IP's. however it seems I need to set up an IP range for the subnets for failover to work is this correct or am I missing something (1 Reply)
Discussion started by: eeisken
1 Replies
9. Shell Programming and Scripting
Hi there,
I setup a dhcp server on a debian.
It is designed to only assign ip addresses to a list of known hosts.
The config file looks like :
log-facility local6;
ignore unknown-clients;
subnet 172.16.0.0 netmask 255.255.0.0 { }
host 1 { hardware ethernet 00:03:2d:xx:xx:xx; fixed-address... (3 Replies)
Discussion started by: chebarbudo
3 Replies
ENC(4) BSD Kernel Interfaces Manual ENC(4)
NAME
enc -- Encapsulating Interface
SYNOPSIS
To compile this driver into the kernel, place the following line in your kernel configuration file:
device enc
DESCRIPTION
The enc interface is a software loopback mechanism that allows hosts or firewalls to filter ipsec(4) traffic using any firewall package that
hooks in via the pfil(9) framework.
The enc interface allows an administrator to see incoming and outgoing packets before and after they will be or have been processed by
ipsec(4) via tcpdump(1).
The ``enc0'' interface inherits all IPsec traffic. Thus all IPsec traffic can be filtered based on ``enc0'', and all IPsec traffic could be
seen by invoking tcpdump(1) on the ``enc0'' interface.
What can be seen with tcpdump(1) and what will be passed on to the firewalls via the pfil(9) framework can be independently controlled using
the following sysctl(8) variables:
Name Defaults Suggested
net.enc.out.ipsec_bpf_mask 0x00000003 0x00000001
net.enc.out.ipsec_filter_mask 0x00000001 0x00000001
net.enc.in.ipsec_bpf_mask 0x00000001 0x00000002
net.enc.in.ipsec_filter_mask 0x00000001 0x00000002
For the incoming path a value of 0x1 means ``before stripping off the outer header'' and 0x2 means ``after stripping off the outer header''.
For the outgoing path 0x1 means ``with only the inner header'' and 0x2 means ``with outer and inner headers''.
incoming path |------|
---- IPsec processing ---- (before) ---- (after) ----> | |
| Host |
<--- IPsec processing ---- (after) ----- (before) ---- | |
outgoing path |------|
Most people will want to run with the suggested defaults for ipsec_filter_mask and rely on the security policy database for the outer head-
ers.
EXAMPLES
To see the packets the processed via ipsec(4), adjust the sysctl(8) variables according to your need and run:
tcpdump -i enc0
SEE ALSO
tcpdump(1), bpf(4), ipf(4), ipfw(4), ipsec(4), pf(4), tcpdump(8)
BSD
November 28, 2007 BSD