Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    DHCP ports open although DHCP is deactivated in GUI

    Scheduled Pinned Locked Moved
    DHCP and DNS
    1
    1
    1.6k
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • F
      flu
      last edited by

      I am using pfsense 1.2-RELEASE
      My configuration is 4 NICs:

      WAN*                  ->  sis0
      OPT1(WAN2)          ->  sis1
      LAN*                    ->  fxp0
      OPT2(LANguests)    ->  fxp1

      WAN and WAN2 are configured for load balancing.
      LAN and LANguests are two separate LAN networks.

      DHCP server on OPT2(LANguests) is activated and on LAN interface the DHCP server is deactivated,
      but /tmp/rules.debug shows following rules for LAN interface:

      allow access to DHCP server on LAN

      anchor "dhcpserverlan"
      pass in quick on $lan proto udp from any port = 68 to 255.255.255.255 port = 67 label "allow access to DHCP server on LAN"
      pass in quick on $lan proto udp from any port = 68 to 192.168.xyz.1 port = 67 label "allow access to DHCP server on LAN"
      pass out quick on $lan proto udp from 192.168.xyz.1 port = 67 to any port = 68 label "allow access to DHCP server on LAN"

      These rules should not exist!

      I do not need DHCP-Client on WAN interface and have not configured the hostname in DHCP client configuration.
      Why does the following rule exist then?
      pass in quick on $wan proto udp from any port = 67 to any port = 68 label "allow dhcp client out wan"

      Thanks!

      1 Reply Last reply Reply Quote 0
      • First post
        Last post