Filtering DHCP Request (Broadcast) rule vs Multicast Allow=1

eeebbune

Hello Experties!

I am curious about DHCP request - respond packet passing Firewall.

There is a firewall between DHCP Server and Client.
<<DHCP Server -- Firewall -- DHCP Client>>
so all of packets transferring through the firewall.

I created a filter rule for DHCP broadcast,

At that time, rule trigger has 0/0Btye.
I thought Firewall just passing DHCP broadcast because it was 0.

However, after I create a config 'multicast_allow = 1'

Traffics are triggered to the DHCP broadcast rule.
0/0 byte to 0/34kiB.

Why so different?
Before I created multicast allow, DHCP broadcast doesn't work? (But everyone can get a dhcp ip address from the dhcp server, no issues happened.)

I am dying to know what makes this differences.

NogBadTheBad

@eeebbune 255.255.255.255 != multicast, it’s a broadcast to any host on the lan segment.

eeebbune

@nogbadthebad

That's what I mean..
Even though it has different ip range, why it shows me different result, that was my curiousity.

It looks like somehow related.
Too far to understand PF Firewall for me...

Maybe it was just coincidence..

Anyway, thank you for your reply.