
Re: dhcp & kernel: Unknown InputIN=eth0 ...: msg#00009

security.firewalls.firestarter.user

Subject: Re: dhcp & kernel: Unknown InputIN=eth0 ...

On Fri, 2005-08-07 at 19:49 -0500, Ryan wrote:
> On Fri, 2005-07-08 at 19:38 -0400, David Niemi wrote:
> > > it seems that one of the firewall settings is not right so it isn't
> > > allowing the communication out to the home network from the firewall for
> > > dhcp etc.

> Just some thoughts -
>
> 1. When you try DHCPd, and attempt to connect a client,
> does /var/log/messages have any iptables messages saying that the
> firewall is blocking the DHCP requests?

Yup, here is an earlier extraction from messages.
Jul 7 19:09:47 rhonda kernel: Unknown InputIN=eth0 OUT=
MAC=ff:ff:ff:ff:ff:ff:00:01:29:f9:02:86:08:00 SRC=0.0.0.0
DST=255.255.255.255 LEN=328 TOS=0x10 PREC=0x00 TTL=16 ID=0 PROTO=UDP
SPT=68 DPT=67 LEN=308

Audit has some messages about something but I am not sure what they are.

> 2. Are you using SELinux? If so, have you tried disabling it?

Yup, just tried, and you guessed it, everything works. I set it to
permissive so I still have LOTS of warnings though the dhcp is working
well. audit.log contains a bunch of messages also.

> 3. After trying to connect a client via DHCP, (as root) run "arp" and
> see if you see the client's MAC address.

Yup, I see the allocated IP and MAC address.
>
> 4. Can you post /etc/dhcpd.conf?

# DHCP configuration generated by Firestarter
ddns-update-style interim;
ignore client-updates;

subnet 192.168.0.0 netmask 255.255.255.0 {
    option routers 192.168.0.1;
    option subnet-mask 255.255.255.0;
    option domain-name-servers 24.153.22.67, 24.153.23.66;
    option ip-forwarding off;
    range dynamic-bootp 192.168.0.170 192.168.0.200;
    default-lease-time 21600;
    max-lease-time 43200;
}

>
> 5. Are iptables off? In Fedora try "service iptables stop" THEN try
> firestarter.

service iptables status says "Firewall is stopped."

I kind of knew that if I shut off SELinux things would work but that
kind of defeats the purpose of having the extra security. I guess that I
could just disable the SELinux monitoring of dhcp and see what is
happening.

I am not sure but could this be caused by firestarter starting and
controlling dhcp instead of the system?

Dave
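
Added example, not part of the original message: a small Python parser for the kernel log entry quoted above, showing that the logged packet is a DHCP client broadcast (UDP 68 to 67) on eth0 and recovering the client MAC for comparison with the arp output. The function names and the UDP_LEN key are assumptions of this example.

```python
import re

# Constructed sample: the log entry from the message, re-joined onto one line.
SAMPLE = (
    "Jul 7 19:09:47 rhonda kernel: Unknown InputIN=eth0 OUT= "
    "MAC=ff:ff:ff:ff:ff:ff:00:01:29:f9:02:86:08:00 SRC=0.0.0.0 "
    "DST=255.255.255.255 LEN=328 TOS=0x10 PREC=0x00 TTL=16 ID=0 PROTO=UDP "
    "SPT=68 DPT=67 LEN=308"
)

FIELD = re.compile(r"([A-Z]+)=(\S*)")  # value may be empty, as in "OUT="


def parse_netfilter_line(line):
    """Return (log_prefix, fields) for a netfilter LOG line, or None."""
    _, sep, rest = line.partition("kernel: ")
    start = rest.find("IN=")
    if not sep or start < 0:
        return None
    # The prefix is fused to IN= when the log prefix has no trailing
    # space ("Unknown InputIN=eth0"), so split on the position of IN=.
    prefix = rest[:start].strip()
    fields = {}
    for key, value in FIELD.findall(rest[start:]):
        if key == "LEN" and "LEN" in fields:
            key = "UDP_LEN"  # second LEN is the UDP length, first the IP length
        fields[key] = value
    return prefix, fields


def classify_dhcp(fields):
    """Direction of a DHCP/BOOTP packet, or None if it is not one."""
    if fields.get("PROTO") != "UDP":
        return None
    ports = (fields.get("SPT"), fields.get("DPT"))
    return {("68", "67"): "client->server",
            ("67", "68"): "server->client"}.get(ports)


def client_mac(fields):
    """Source MAC from the logged Ethernet header (dst, src, ethertype)."""
    octets = fields.get("MAC", "").split(":")
    return ":".join(octets[6:12]) if len(octets) == 14 else None


if __name__ == "__main__":
    prefix, fields = parse_netfilter_line(SAMPLE)
    print(prefix, fields["IN"], classify_dhcp(fields), client_mac(fields))
```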


