IP Networking

I have two items, only related because they are both regarding dhcpd.

First of all, I keep seeing dhcpd responding to DHCPREQUESTs on eth1 which is my cable modem. For example:

Sep 12 21:00:09 plague dhclient: DHCPREQUEST on eth1 to 204.186.xxx.xxx port 67
Sep 12 21:00:09 plague dhcpd: DHCPREQUEST for 24.229.xxx.xxx from 00:50:8b:XX:XX:XX via eth1: unknown lease 24.229.xxx.xxx.

this repeats over and over, wasting space with pointless logs. I don't want dhcpd listening to eth1 at all. I tried using iptables to block port 67 on eth1, but I'm guessing this isn't working because the requests are being generated and (unwantedly) answered by the same box. Can I somehow tell dhcpd to only bind to eth0? I'm sure I must be overlooking something simple here; maybe I just haven't searched the right terms to find an answer.

My other issue is, I want to be notified whenever dhcpd gives out a dynamic IP. I have swatch running, and it matches perfectly when a DHCPOFFER of one of an address from the dynamic range is made, but the mail swatch sends out only shows up much later... as long as an hour after the unknown client connected to my network. The idea is, if a friend is using my network or I am testing a new device that I haven't yet assigned a static IP to, I will ignore the notification (a SMS sent to my cell), but if I am not expecting it, I want to know because someone might have broken my wifi encryption (or broken into my garage and plugged into the LAN outside or whatever). It's technically functioning as-is, but not hearing about possible intrusions for up to an hour gives the bad guys a lot of time to download kiddie porn or pirated software under my identity. Anyone have a better solution or know a way to tweak swatch to text me instantly? I know it's not a delay in the mail, because I have other warnings sent to me (ssh from outside the LAN, for example) that have warned me of intruders within 30 seconds and had them banned and passwords changed before any real damage could be done.

Yes, you can. You can pass the interfaces that you want dhcpd to listen on as an argument on the dhcpd command line. Read the dhcpd man page for more information.

Check you dhcpd.conf file for a line like

Code:

DHCPDARGS="eth0 eth1"

aha. it's actually in /etc/sysconfig/dhcpd that it goes. I knew there had to be something, but the manpages weren't making it clear what I needed to do. No more trying to respond to its own dhcp requests for the external interface. Thanks!