Kernel (newest stable w/grsecurity patch): 2.6.29.3-grsec title Debian GNU/Linux, kernel 2.6.29.3-grsec #lock root (hd0,0) kernel /boot/vmlinuz-2.6.29.3-grsec root=/dev/sda1 ro quiet initrd /boot/initrd-2.6.29.3.img Ebtables (Debian ancient!) ebtables v2.0.8-2 (May 2007) --- On Wed, 5/20/09, Jozsef Kadlecsik <kadlec@xxxxxxxxxxxxxxxxx> wrote: > From: Jozsef Kadlecsik <kadlec@xxxxxxxxxxxxxxxxx> > Subject: Re: (DHCP) Ebtables ruleset isn't working, any ideas? > To: "Miguel Ghobangieno" <mikeeusa@xxxxxxxxx> > Cc: netfilter@xxxxxxxxxxxxxxx > Date: Wednesday, May 20, 2009, 12:35 PM > On Wed, 20 May 2009, Miguel > Ghobangieno wrote: > > > I can't get DHCP to work through the firewall, I've > tried everything, even: > > ebtables -A FORWARD -p IPv4 --ip-sport 67:68 -j > ACCEPT > > ebtables -A FORWARD -p IPv4 --ip-dport 67:68 -j > ACCEPT > > > > Other things I tried: > > ebtables -A FORWARD -i eth0 -o eth1 -p 0x800 --ip-src > 192.168.0.1 --ip-proto udp --ip-sport 67:68 -j ACCEPT > > ebtables -A FORWARD -i eth1 -o eth0 -p 0x800 --ip-dst > 255.255.255.255/255.255.255.255 --ip-proto udp --ip-dport > 67:68 -j ACCEPT > > > > and before that: > > ebtables -A FORWARD -p 0x800 --ip-src 192.168.0.1 > --ip-proto udp --ip-sport 68 -j ACCEPT > > ebtables -A FORWARD -p 0x800 --ip-dst 192.168.0.1 > --ip-proto udp --ip-dport 67 -j ACCEPT > > What is your kernel version? What is your ebtables > version? > > Best regards, > Jozsef > - > E-mail : kadlec@xxxxxxxxxxxxxxxxx, > kadlec@xxxxxxxxxxxx > PGP key : http://www.kfki.hu/~kadlec/pgp_public_key.txt > Address : KFKI Research Institute for Particle and Nuclear > Physics > H-1525 Budapest 114, > POB. 49, Hungary > -- To unsubscribe from this list: send the line "unsubscribe netfilter" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html