why "block quick on wlan0" doesn't stop DHCP?

Iñigo Ortiz de Urbina inigoortizdeurbina at gmail.com
Fri Jan 28 12:05:14 UTC 2011


And it makes perfect sense only if you can trust your dhcp server
(runs chrooted and privilege separated :)

On 1/28/11, Greg Hennessy <Greg.Hennessy at nviz.net> wrote:
> Could be talking complete nonsense here, but....
>
> IIRC BPF sees all traffic before PF. DHCP hooks at the BPF layer, so it'll
> be serviced before any filtering policy applies.
>
>
> Greg
>
>
>> -----Original Message-----
>> From: owner-freebsd-pf at freebsd.org [mailto:owner-freebsd-pf at freebsd.org] On Behalf Of Michael
>> Sent: 28 January 2011 9:20 AM
>> To: freebsd-pf at freebsd.org
>> Subject: why "block quick on wlan0" doesn't stop DHCP?
>>
>> Hello,
>>
>> Here is my simple rule set:
>>
>> set loginterface wlan0
>> block log
>> block quick on wlan0
>>
>> Now I'm booting my 8.1-R box. After it's up and running with pf I'm
>> powering on my wireless access point.
>>
>> After a couple of seconds my wlan0 is associated and receives its IP
>> address. I don't understand why it was not stopped by pf.
>> And how can I tune my rules to be able to control DHCP conversation?
>>
>> Michael
>


-- 
Iñigo Ortiz de Urbina Cazenave
http://www.twitter.com/ioc32

