On Wednesday 26 April 2006 13:09, A.Fadyushin@xxxxxxxxxxxx wrote: >Yes, you can give clients the address of gateway via DHCP. The > necessary option in dhcp configuration is called 'routers'. You > should put in the dhcpd.conf file (usually in the subnet definition) > the following line > >option routers <gateway_address>; > >Change the '<gateway_address>' with the address of your gateway. If > yor network is complex and includes more than gateway for the client, > list on that line all the gateways addresses separated by commas (see > the description of this option in 'dhcp-options' manpage). > >The dhcpd server does not support the client authentication at this > time (howewer, it may support it in the future). You could try to > make something similar to protection you need using dhcpd's ability > to include conditions in its configuration (see 'dhcpd-eval' > manpage). > There doesn't seem to be a man 'dhcpd-eval' on that box. And whatever I've done, there is no response in the logs on that box for a dhcp negotiation session. Here is the last restart of the dhcpd daemon as it shows in /var/log/messages: Apr 26 19:34:43 gene dhcpd: Apr 26 19:34:43 gene dhcpd: Listening on Socket/eth1/192.168.71.0 Apr 26 19:34:43 gene dhcpd: Sending on Socket/eth1/192.168.71.0 Apr 26 19:34:43 gene dhcpd: Listening on Socket/eth0/192.168.1.0 Apr 26 19:34:43 gene dhcpd: Sending on Socket/eth0/192.168.1.0 Apr 26 19:34:43 gene dhcpd: Listening on Socket/eth1/192.168.71.0 Apr 26 19:34:43 gene dhcpd: Sending on Socket/eth1/192.168.71.0 Apr 26 19:34:43 gene dhcpd: Listening on Socket/eth0/192.168.1.0 Apr 26 19:34:43 gene dhcpd: Sending on Socket/eth0/192.168.1.0 Apr 26 19:34:43 gene dhcpd: dhcpd startup succeeded Here is the networks lashup: HP-laptop<rf>wap11<eth>[8-port-switch]<eth>firewall-1.92.168.71.1<iptables>firewall-191.168.1.1<router>[DSL-modem] Here is the current, I think identical to what WAS working partially I think, dhcpd.conf on the firewall box: subnet 192.168.71.0 netmask 255.255.255.0 { # --- default gateway option routers 192.168.1.1; option subnet-mask 255.255.255.0; option nis-domain "coyote.den"; option domain-name "coyote.den"; option domain-name-servers 192.168.71.1; option time-offset -18000; # Eastern Standard Time # option ntp-servers 192.168.1.1; # option netbios-name-servers 192.168.1.1; # --- Selects point-to-point node (default is hybrid). Don't change this unless # -- you understand Netbios very well # option netbios-node-type 2; range dynamic-bootp 192.168.71.101 192.168.71.105; range 192.168.71.101 192.168.71.105; default-lease-time 21600; max-lease-time 43200; # we want the nameserver to appear at a fixed address host ns { next-server 192.168.71.1; #gene.coyote.den; hardware ethernet 00:09:5B:07:7E:7D; fixed-address 192.168.71.1; } } # I've NDI why I even need this section, nothing comes from there that # needs to have access to dhcpd services. subnet 192.168.1.0 netmask 255.255.255.0 { option routers 192.168.1.1; option subnet-mask 255.255.255.0; option nis-domain "coyote.den"; option domain-name "coyote.den"; option domain-name-servers 192.168.71.1; host ns { next-server 192.168.1.1; hardware ethernet 00:40:33:57:28:51; fixed-address 192.168.1.100; } } ----------------------------- There is more than just the routers wrong in the above file, as I did try it at 71.1, and that broke it even when converted back to 1.1. Here is the currently working ifcfg-wlan0 from diablo[HP laptop] [root@diablo network-scripts]# cat ifcfg-wlan0 DEVICE=wlan0 ONBOOT=yes BOOTPROTO=none TYPE=Wireless MODE=Managed ESSID=ICECAP4NIGHTCAP CHANNEL=6 IPADDR=192.168.71.6 DOMAIN=coyote.den NETMASK=255.255.255.0 GATEWAY=192.168.71.1 USERCTL=no PEERDNS=no IPV6INIT=no RATE=Auto DHCP_HOSTNAME=diablo.coyote.den HWADDR=00:14:A5:75:32:C9 ---------------------------- Now, if I change to BOOTPROTO=dhcp and comment out the gateway & local addresses, then restart the network on the lappy, there is no query for dhcp showing in the firewalls logs. I'm obviously in over my head here as that was working this morning before I took it to the tv station and tried and failed to connect to their wifi network, for about 2 hours of the infinite monkeys routine. The wap11 currently has an address, obtained before trying to figure out howto dhcp connect to a new network. XP on that same lappy even remembered the key from the session before, so it Just Worked(TM) when I tried it today. Is the above enough to see what it is I need to do? -- Cheers, Gene People having trouble with vz bouncing email to me should add the word 'online' between the 'verizon', and the dot which bypasses vz's stupid bounce rules. I do use spamassassin too. :-) Yahoo.com and AOL/TW attorneys please note, additions to the above message by Gene Heskett are: Copyright 2006 by Maurice Eugene Heskett, all rights reserved. -- fedora-legacy-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-legacy-list