Folks,
I am running a dhrelay service and using iptables to be a
firewall to block packets from dhcp server on the inbound side, eth0,
of my Liunx. The reason to do this is to avoid generating duplicated
packets from my machine to dhcp client on the same subnet.
For some reasons, I am unable to block these packets. I have a
simple rule setting below to simply block all incoming UDP packets
where it should block dhcp package as well.
iptables -A INPUT -p UDP -i eth0 -j DROP
dhcp client are still able to receive duplicated packets, one is
from dhcp server and another is from my machine while dhcp relay agent
is relaying packets. Any people see this before? Any comments or
suggestions are welcome. Thanks,
Willy
