User Tools

Site Tools


software:srfirewall:snippets:dhcp

Allow DHCP and DHCPv6

Normally, when you set the default INPUT policy to DROP, it breaks DHCP/DHCPv6 unless you put in a proper allow.

Configuration

Config: etc/srfirewall/ipv4/acl.conf

acl.conf
#<direction> <action> <interface> <src> <srcport> <dst> <dstport> <protocol> <syn> <state>
IN ACCEPT eth1 - 67:68 - 67:68 udp - NEW

Config: etc/srfirewall/ipv6/acl.conf

acl.conf
#<direction> <action> <interface> <src> <srcport> <dst> <dstport> <protocol> <syn> <state>
IN ACCEPT eth1 fe80::/10 546 ff02::1:2 547 udp - NEW