Make a DHCP server using Fedora - Help
Antonio Olivares
olivares14031 at yahoo.com
Sat Nov 15 03:15:08 UTC 2008
--- On Fri, 11/14/08, Antonio Olivares <olivares14031 at yahoo.com> wrote:
>
> Breakthrough, changed the ARGS to
> [olivares at localhost ~]$ cat /etc/sysconfig/dhcpd
> # Command line options here
> DHCPDARGS=eth0
>
> and it is working :)
>
> [root at localhost ~]# dhcpd -f
> Internet Systems Consortium DHCP Server 4.0.0
> Copyright 2004-2007 Internet Systems Consortium.
> All rights reserved.
> For info, please visit http://www.isc.org/sw/dhcp/
> Warning: subnet 10.154.19.0/27 overlaps subnet
> 10.154.19.0/24
> Not searching LDAP since ldap-server, ldap-port and
> ldap-base-dn were not specified in the config file
> Wrote 0 leases to leases file.
> Listening on LPF/eth0/00:0e:a6:42:59:af/10.154.19.0/24
> Sending on LPF/eth0/00:0e:a6:42:59:af/10.154.19.0/24
> Sending on Socket/fallback/fallback-net
> ^C
> [root at localhost ~]# service dhcpd stop
> [root at localhost ~]# service dhcpd start
> Starting dhcpd:
> [ OK ]
>
>
> but now selinux gets in the way :(
>
> Nov 14 20:03:40 localhost kernel: type=1400
> audit(1226714620.135:183): avc: denied { read } for
> pid=5267 comm="dhcpd" name="dhcpd.pid"
> dev=dm-0 ino=3244731
> scontext=unconfined_u:system_r:dhcpd_t:s0
> tcontext=unconfined_u:object_r:var_run_t:s0 tclass=file
> Nov 14 20:03:40 localhost kernel: type=1400
> audit(1226714620.135:184): avc: denied { write } for
> pid=5267 comm="dhcpd" name="dhcpd.pid"
> dev=dm-0
> ino=3244731scontext=unconfined_u:system_r:dhcpd_t:s0
> tcontext=unconfined_u:object_r:var_run_t:s0 tclass=file
> Nov 14 20:03:40 localhost dhcpd: Can't create PID file
> /var/run/dhcpd.pid: Permission denied.
>
> How can I allow it to work?
>
>
> Thanks,
>
> Antonio
>
>
>
>
> --
After this breakthrough I also found out or not sure here?
is that iptables are forwarding packets to eth1
upon reading another page:
http://chwang.blogspot.com/2007/11/making-linux-fedora-core-8-as-gateway.html
it says iptables and has this part:
# Forward all packets from eth1 (internal network) to eth0 (the public internet)
iptables -A FORWARD -i eth1 -o eth0 -j ACCEPT
# Forward packets that are part of existing and related connections from eth0 to eth1
iptables -A FORWARD -i eth0 -o eth1 -m state --state ESTABLISHED,RELATED -j ACCEPT
# Enable SNAT functionality on eth0. a.b.c.d are generally the ip of the eth0
iptables -A POSTROUTING -t nat -s 192.168.1.0/24 -o eth0 -j SNAT --to-source a.
Then it recommends visiting the other page which was referenced before.
I will probably get to this machine tomorrow or on Monday. I hope that I can get this working and with advice from the list I believe it can get done.
Regards,
Antonio
More information about the fedora-list
mailing list