On Sat, Jul 31, 2021 at 07:02:35PM +0100, Étienne wrote:
> On 30/07/2021 04:37, Theo de Raadt wrote:
> > dhcpleased (and a few other daemons) use bpf, thus see raw packets
> > from the wire before pf can block them. Most daemons of this type
> > also use bpf to send packets, and pf doesn't see these either
> Does that prevent dhcpd from listening on any virtual interface? I'm trying
> to have it listen for requests on a vether in a bridge, and that fails (or
> I'm making a mistake).
It should work, unless are running dhclient/dhcpleased on the same machine,
because the bpf filter will eat DHCP-related packets. You'll know whether
this affects you by checking whether dhcpd starts working when you kill the
DHCP client.
No comments:
Post a Comment