Re: [PLUG] IPTables Debian Comcast

[Mental Patient <mental@neverlight.com>]

Time wrote:

> On Mon, Sep 09, 2002 at 10:51:20AM -0400, Mental Patient wrote:
>  
>
> > Only when I was overly aggressive when blocking incoming traffic. I 
> > wound up blocking dhcp lease renewal.
> > Make sure you're not dropping DHCP.
> >    
>
>
> Agreed, I may have specified the wrong ports or quite likely not all. 
>
> Here is what I have:
>
> # Allow DHCP replies in
> iptables -A INPUT -i eth1 -p tcp -s 0.0.0.0 --sport 67 -d 0.0.0.0 --dport 68 -j ACCEPT
> iptables -A INPUT -i eth1 -p udp -s 0.0.0.0 --sport 67 -d 0.0.0.0 --dport 68 -j ACCEPT
>
> Did I hit or miss? 
>
>
>  
Honestly, its been a while. I use a linksys cable modem router guy at 
home. It just goes. For the $$ it was well worth it, small, easy to 
configure and so far has kept me out of trouble :) Anyways, I forget 
what I had to do in my iptables firewall once upon a time.

Your best bet is to google for it, and also see if  problems relate at 
all to lease timeouts. I have comcast. Every now and then connectivity 
goes running off into the bushes and it doesnt come back til much much 
later. Usually its in the AM when the network has problems for me. I 
never cared enough to ask about it.

This might not be dhcp, but its the simplest solution that I could think of.

--
Mental (Mental@NeverLight.com)

This body. This body holding me. Be my reminder here that 
I am not alone in
This body, this body holding me, feeling eternal
All this pain is an illusion.

--Tool "Parabola"

CARPE NOCTEM, QUAM MINIMUM CREDULA POSTERO.

GPG public key: http://www.neverlight.com/pas/Mental.asc





_________________________________________________________________________
Philadelphia Linux Users Group        --       http://www.phillylinux.org
Announcements - http://lists.netisland.net/mailman/listinfo/plug-announce
General Discussion  --   http://lists.netisland.net/mailman/listinfo/plug