 
 From:  "BD" <thebd at comcast dot net>
 To:  <m0n0wall at lists dot m0n0 dot ch>
 Subject:  RE: [m0n0wall] Passing DHCP through a filtered bridge?
 Date:  Wed, 1 Dec 2004 11:16:33 -0800

Does anyone know why, when I set up a general rule under the ruleset to
allow all data on OPT1 to pass through (to be essentially the same as the
LAN interface rule), it doesn't work? The only way I can get information
from OPT1 to pass through WAN is to individually add all of the rules,
despite the fact I already have a general rule saying to allow everything
from OPT1 to pass through.

-----Original Message-----
From: BD [mailto:thebd at comcast dot net] 
Sent: Tuesday, November 30, 2004 3:57 PM
To: m0n0wall at lists dot m0n0 dot ch
Subject: RE: [m0n0wall] Passing DHCP through a filtered bridge?

I finally figured it out; I had to add a rule on the OPT1 interface that
allowed all traffic with source 0.0.0.0:68 and destination
255.255.255.255:67 to pass through, and now my laptop is getting an IP
address. However, I can't get to any web sites, so I guess that's my next
step. For some reason, it doesn't seem like an all-purpose rule to let
everything from OPT1 pass through WAN is working.

-----Original Message-----
From: BD [mailto:thebd at comcast dot net] 
Sent: Tuesday, November 30, 2004 3:36 PM
To: m0n0wall at lists dot m0n0 dot ch
Subject: RE: [m0n0wall] Passing DHCP through a filtered bridge?

Hmm, I've tried that rule and quite a few different variations of it, but I
still can't get an IP via DHCP with my laptop, which is on the OPT1 network.

Could it be because the school's DHCP server is on the other side of
multiple routers (or bridges) that segment the network? For example, when I
plug in my laptop to the school's jack, there's a chance I could end up on
any of four different subnets, either 130.191.195.x, 130.191.196.x,
146.244.195.x, or 146.244.196.x, with the DHCP server at 130.191.200.55, and
each of those four subnets having either a router or bridge (I suspect
router) at .254.

-----Original Message-----
From: Justin Ellison [mailto:justin at techadvise dot com] 
Sent: Tuesday, November 30, 2004 3:08 PM
To: BD
Subject: Re: [m0n0wall] Passing DHCP through a filtered bridge?

Try a rule on the WAN, that allows incoming traffic from the IP of your
DHCP as the source, ANY as the destination, destination ports of UDP 68
and source port of 67.

Off the top of my head, but that should do it.

Justin 

On Tue, 2004-11-30 at 14:56 -0800, BD wrote:
> I figure this was a different enough subject to diverge from my 
> previous e-mail about setting up a DHCP Relay. I have since changed 
> m0n0wall to be a bridge, but that is not quite exactly what I want. 
> When it is in bridge mode, the computers on the OPT1 side can receive 
> IP addresses from the DHCP server on the other side of the WAN interface 
> fine, but all of the traffic from the network connected to the WAN 
> interface, of course, gets through. I tried to enable filtered 
> bridging, and forwarded all of the IPs for the DHCP server and routers 
> on the network hooked up to WAN onto OPT1, but then no computers on the 
> OPT1 network can receive IP addresses anymore.
> 
> Is there any way to pass through the DHCP packets between the WAN 
> interface and the bridged OPT1 interface with filtering enabled? I'm 
> not sure what type of rule I would have to add to allow this, or if it 
> would be something completely different involving NAT or something 
> else. I really want to keep away from setting up my own router/DHCP 
> server and assigning 192.x or 10.x or whatever range to my computers if 
> I can use my school's DHCP server instead. Does anyone have any ideas?
> 
> 
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
> For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch
> 
-- 
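
Added example, not part of the original thread and not m0n0wall code: a minimal first-match, default-deny rule evaluator showing which of the rules quoted above let a DHCP exchange cross a filtered bridge. The packets are constructed; the subnet-scoped OPT1 rule, the port-only WAN rule and the relay at 130.191.195.254 re-sending the reply from its own address are assumptions.

```python
from ipaddress import ip_address, ip_network

def passes(rules, pkt):
    """First-match pass rules, default deny. None in a rule field means 'any'."""
    iface, src, sport, dst, dport = pkt
    for r_if, r_src, r_sport, r_dst, r_dport in rules:
        if (r_if == iface
                and (r_src is None or ip_address(src) in ip_network(r_src))
                and (r_sport is None or r_sport == sport)
                and (r_dst is None or ip_address(dst) in ip_network(r_dst))
                and (r_dport is None or r_dport == dport)):
            return True
    return False

# Rules quoted in the thread, as (interface, source, sport, destination, dport).
OPT1_DISCOVER = ("OPT1", "0.0.0.0/32", 68, "255.255.255.255/32", 67)
WAN_FROM_SERVER = ("WAN", "130.191.200.55/32", 67, None, 68)
# Hypothetical variants, not from the thread:
OPT1_SUBNET_ONLY = ("OPT1", "130.191.195.0/24", None, None, None)
WAN_ANY_DHCP_REPLY = ("WAN", None, 67, None, 68)

# Constructed packets: (arrival interface, src, sport, dst, dport).
DISCOVER = ("OPT1", "0.0.0.0", 68, "255.255.255.255", 67)
OFFER_FROM_SERVER = ("WAN", "130.191.200.55", 67, "255.255.255.255", 68)
# Assumption: a relay at .254 re-sends the reply using its own address.
OFFER_FROM_RELAY = ("WAN", "130.191.195.254", 67, "255.255.255.255", 68)

def handshake_ok(rules, offer):
    """True only if both the client's DISCOVER and the reply cross the bridge."""
    return passes(rules, DISCOVER) and passes(rules, offer)

if __name__ == "__main__":
    for name, rules, offer in [
        ("subnet-only OPT1 rule", [OPT1_SUBNET_ONLY, WAN_FROM_SERVER], OFFER_FROM_SERVER),
        ("thread rules, direct server", [OPT1_DISCOVER, WAN_FROM_SERVER], OFFER_FROM_SERVER),
        ("thread rules, relayed reply", [OPT1_DISCOVER, WAN_FROM_SERVER], OFFER_FROM_RELAY),
        ("port-based WAN rule, relayed", [OPT1_DISCOVER, WAN_ANY_DHCP_REPLY], OFFER_FROM_RELAY),
    ]:
        print(f"{name}: {'lease possible' if handshake_ok(rules, offer) else 'blocked'}")
```

The port-only WAN rule accepts a DHCP reply from any host on the WAN side, so where the relay addresses are known it is tighter to list them as sources.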

