Make a DHCP server using Fedora - Help

Antonio Olivares olivares14031 at yahoo.com
Sat Nov 15 03:15:08 UTC 2008 

--- On Fri, 11/14/08, Antonio Olivares <olivares14031 at yahoo.com> wrote:
> 
> Breakthrough, changed the ARGS to 
> [olivares at localhost ~]$ cat /etc/sysconfig/dhcpd
> # Command line options here
> DHCPDARGS=eth0
> 
> and it is working :) 
> 
> [root at localhost ~]# dhcpd -f
> Internet Systems Consortium DHCP Server 4.0.0
> Copyright 2004-2007 Internet Systems Consortium.
> All rights reserved.
> For info, please visit http://www.isc.org/sw/dhcp/
> Warning: subnet 10.154.19.0/27 overlaps subnet
> 10.154.19.0/24
> Not searching LDAP since ldap-server, ldap-port and
> ldap-base-dn were not specified in the config file
> Wrote 0 leases to leases file.
> Listening on LPF/eth0/00:0e:a6:42:59:af/10.154.19.0/24
> Sending on   LPF/eth0/00:0e:a6:42:59:af/10.154.19.0/24
> Sending on   Socket/fallback/fallback-net
> ^C
> [root at localhost ~]# service dhcpd stop
> [root at localhost ~]# service dhcpd start
> Starting dhcpd:                                           
> [  OK  ]
> 
> 
>  but now selinux gets in the way :(
> 
> Nov 14 20:03:40 localhost kernel: type=1400
> audit(1226714620.135:183): avc:  denied  { read } for 
> pid=5267 comm="dhcpd" name="dhcpd.pid"
> dev=dm-0 ino=3244731
> scontext=unconfined_u:system_r:dhcpd_t:s0
> tcontext=unconfined_u:object_r:var_run_t:s0 tclass=file
> Nov 14 20:03:40 localhost kernel: type=1400
> audit(1226714620.135:184): avc:  denied  { write } for 
> pid=5267 comm="dhcpd" name="dhcpd.pid"
> dev=dm-0
> ino=3244731scontext=unconfined_u:system_r:dhcpd_t:s0
> tcontext=unconfined_u:object_r:var_run_t:s0 tclass=file
> Nov 14 20:03:40 localhost dhcpd: Can't create PID file
> /var/run/dhcpd.pid: Permission denied.
> 
> How can I allow it to work?  
> 
> 
> Thanks,
> 
> Antonio 
> 
> 
>       
> 
> -- 

After this breakthrough I also found out or not sure here?
is that iptables are forwarding packets to eth1

upon reading another page:
http://chwang.blogspot.com/2007/11/making-linux-fedora-core-8-as-gateway.html

it says iptables and has this part:  

# Forward all packets from eth1 (internal network) to eth0 (the public internet)
iptables -A FORWARD -i eth1 -o eth0 -j ACCEPT
# Forward packets that are part of existing and related connections from eth0 to eth1
iptables -A FORWARD -i eth0 -o eth1 -m state --state ESTABLISHED,RELATED -j ACCEPT
# Enable SNAT functionality on eth0. a.b.c.d are generally the ip of the eth0
iptables -A POSTROUTING -t nat -s 192.168.1.0/24 -o eth0 -j SNAT --to-source a.

Then it recommends visiting the other page which was referenced before.  

I will probably get to this machine tomorrow or on Monday.  I hope that I can get this working and with advice from the list I believe it can get done.

Regards,

Antonio

More information about the fedora-list mailing list