Hi Martijn, On Wed, 22 Mar 2006, Martijn Lievaart wrote:
I don't know why either, but some googling turned up http://www.shorewall.net/dhcp.htm:Note For most operations, DHCP software interfaces to the Linux IP stack at a level below Netfilter. Hence, Netfilter (and therefore Shorewall) cannot be used effectively to police DHCP. The ?dhcp? interface option described in this article allows for Netfilter to stay out of DHCP's way for those operations that can be controlled by Netfilter and prevents unwanted logging of DHCP-related traffic by Shorewall-generated Netfilter logging rules.
thank you for this link. It will explain this behavior... kindly Martin
