[rhn-users] I need help with hosts.deny - doesn't work asIexpected
Greg Forte
gforte at leopard.us.udel.edu
Wed Mar 29 00:59:46 UTC 2006
x6d696168 . wrote:
> IPtables is the best way to go, since its kernel based and can
> handle anything you throw at it ...
ALMOST anything - dhcpd uses a raw socket, since the dhcp protocol
operates somewhere "between" layers, so it is immune to iptables. Which
is probably not a big issue _unless_ you have a multi-homed box and only
want dhcpd to respond to requests on one (or some proper subset) of the
interfaces (this can and must be specified on the command line, instead;
the interface name(s) can be listed in /etc/sysconfig/dhcpd). I found
this out the embarassing way. Just for reference, in case anyone cares.
;-)
-g
More information about the rhn-users
mailing list