On Sun, 2004-01-11 at 18:37, Ramin Dousti wrote: > dhcpd takes and puts packets by netlink sockets which bypass the whole > IP stack. So in short, you cannot filter the requests nor the response. > > Ramin > <snippage> this is slightly off... iirc, some of the negotiation happens that way, further negotiation does not... what I'm sure of however is that if u don't explicitely allow dhcpd traffic server-side, negotiation does not work client-side... which means that not all traffic if any bypasses netfilter... don't have the time to investigate further server-side... sorry...
