You can configure dhcp and dns itself to only listen/respond on one NIC.
No need to make any filter rules.

Won't help the network support people, for most network support people
craziness is a default state of mind.

Cheers,

Jeroen.

On Sun, 29 Feb 2004 13:54:29 -0600
"Dr. Lawrence J. Schmitt" <lschmitt@xxxxxxx> wrote:

> I am setting up a lab for students to configure and experiment with
> Linux. I need to set up something that will keep responses to DHCP
> requests from leaving the lab to keep from driving the network support
> people crazy.
>
> 1. What is the appropriate tool to use?
> 2. Can anyone suggest an iptables rule that will block either
>    dhcp requests from entering the lab subnet or responses from
>    exiting.
> 3. I would like to set up one pc running Linux as a router and
>    firewall, filter that also would run DHCP and DNS for the local
>    lab as well as block responses to DHCP requests on the nic that
>    is connected to the campus network.
>
> Any thoughts or comments are appreciated.
>
> Thanks in advance,
>
> Larry Schmitt
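The single-NIC binding suggested in the reply, sketched as an added example that is not part of the original thread. It assumes dnsmasq serves both DHCP and DNS for the lab; the interface names (eth0 facing campus, eth1 facing the lab) and the 192.168.10.0/24 addressing are constructed for illustration.

```conf
# /etc/dnsmasq.conf  (assumed file location; values below are constructed)
#
# Weak default: with no interface restriction dnsmasq answers DNS on every
# NIC, and will answer DHCP on any NIC whose subnet matches a dhcp-range.
# A router box with one leg on the campus network should not rely on that.

# --- Restrict the service to the lab side -------------------------------

# Serve DNS and DHCP on the lab-facing NIC only (loopback is added
# automatically so the router itself can still resolve names).
interface=eth1

# Explicitly refuse the campus-facing NIC, so a later edit to the
# interface= list cannot silently expose the service there.
except-interface=eth0

# Bind DNS sockets to the listed interfaces' addresses instead of the
# wildcard address, so nothing is listening on the campus address at all.
bind-interfaces

# Belt and braces: never run DHCP on the campus NIC, even if DNS is
# enabled there at some point in the future.
no-dhcp-interface=eth0

# --- Lab DHCP pool --------------------------------------------------------

# Addresses handed to student machines, with a 12 hour lease.
dhcp-range=192.168.10.50,192.168.10.150,12h

# Default gateway (option 3) and DNS server (option 6) given to clients:
# the router's own lab-side address.
dhcp-option=3,192.168.10.1
dhcp-option=6,192.168.10.1

# --- Keep lab-only names from leaking upstream ----------------------------

# Do not forward unqualified names or reverse lookups for private ranges
# to the campus resolvers.
domain-needed
bogus-priv
```

This covers only the router's own DHCP service; a DHCP server started by a student on a lab machine is a separate matter that the router's forwarding rules would have to handle.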