joycea (Apprentice)
Joined: 23 Jul 2002 | Posts: 191 | Location: Kingston, Canada
Posted: Wed Sep 22, 2004 4:31 pm | Post subject: pump on tcp 68

I am just trying to configure a firewall. I was wondering if there is a reason to allow pump to listen to TCP port 68? Do I need to do this for DHCP or why is it there? I could see it wanting to listen on UDP 68, but TCP 68 seems weird to me.

aetius (Tux's lil' helper)
Joined: 09 Jul 2004 | Posts: 118
Posted: Wed Sep 22, 2004 7:09 pm

Nope, no need to listen on tcp 68. Port numbers are often reserved on both tcp and udp with no real reason other than to minimize confusion. In fact, if you are solely a dhcp client, you can safely close off udp 68 as well -- provided you utilize the iptables state system and allow established and related connections. Since the dhcp client broadcasts the original dhcp request, replies are considered related and are allowed through.
Assuming that you allow any output, you can use this rule to allow a dhcp client to work:
Code:
    iptables -A INPUT -i eth0 -m state --state ESTABLISHED,RELATED -j ACCEPT
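
Before writing rules for port 68 it helps to confirm what is actually bound to it on each protocol. The script below is an added example, not part of the thread: it parses the Linux /proc/net/tcp and /proc/net/udp table format and reports sockets waiting on a given port. The function name and both sample tables are constructed for illustration.

```shell
#!/bin/sh
# port_listeners PROTO PORT
# Reads a /proc/net/tcp- or /proc/net/udp-format table on stdin and prints
# "PROTO PORT inode=N uid=N" for every socket bound to PORT that is waiting
# for traffic. On a live Linux host:  port_listeners tcp 68 < /proc/net/tcp
port_listeners() {
    proto=$1
    port=$2
    port_hex=$(printf '%04X' "$port")   # the kernel prints ports as 4 hex digits
    case $proto in
        tcp) want_state=0A ;;           # 0A = listening TCP socket
        udp) want_state=07 ;;           # 07 = bound, unconnected UDP socket
        *)   return 2 ;;
    esac
    awk -v p="$port_hex" -v st="$want_state" -v proto="$proto" -v port="$port" '
        NR == 1 { next }                # skip the column header
        {
            n = split($2, addr, ":")    # local_address is HEXIP:HEXPORT
            if (toupper(addr[n]) == p && toupper($4) == st)
                printf "%s %s inode=%s uid=%s\n", proto, port, $10, $8
        }'
}

# Constructed sample tables (not captured from a real host).
# TCP: sshd listening on 22, plus an ESTABLISHED (01) socket whose local port
# happens to be 68; the latter is not a listener and must not be reported.
SAMPLE_TCP='  sl  local_address rem_address   st tx_queue rx_queue tr tm->when retrnsmt   uid  timeout inode
   0: 00000000:0016 00000000:0000 0A 00000000:00000000 00:00000000 00000000     0        0 1001 1
   1: 0100007F:0044 0100007F:9C40 01 00000000:00000000 00:00000000 00000000     0        0 1002 1'

# UDP: a DHCP client bound to 0.0.0.0:68.
SAMPLE_UDP='  sl  local_address rem_address   st tx_queue rx_queue tr tm->when retrnsmt   uid  timeout inode
   0: 00000000:0044 00000000:0000 07 00000000:00000000 00:00000000 00000000     0        0 2001 2'

echo "TCP 68 listeners:"
printf '%s\n' "$SAMPLE_TCP" | port_listeners tcp 68
echo "UDP 68 listeners:"
printf '%s\n' "$SAMPLE_UDP" | port_listeners udp 68
```

The reported inode can be matched against the socket links under /proc/<pid>/fd to identify the owning process.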