vpn-rpi4
Differences
This shows you the differences between two versions of the page.
| Both sides previous revision Previous revision | |||
|
vpn-rpi4 [2020/04/30 09:16] robm [Desired outcome] |
vpn-rpi4 [2021/04/25 20:13] (current) robm Reduce dropped INPUT traffic to just DHCP (was also blocking ARP requests, so my wired side would never find the MAC address of the Raspberry Pi) |
||
|---|---|---|---|
| Line 63: | Line 63: | ||
| # wired connection (we want to be the ones to answer DHCP requests, not our | # wired connection (we want to be the ones to answer DHCP requests, not our | ||
| # ISP) | # ISP) | ||
| - | up | + | |
| - | down ebtables -t filter -D FORWARD --protocol | + | # UDP port 68: BOOTP client |
| + | | ||
| + | down ebtables -t filter -D FORWARD --protocol | ||
| # Ethernet Bridging: Be deaf to DHCP requests originating on the wired | # Ethernet Bridging: Be deaf to DHCP requests originating on the wired | ||
| # connection (home network), we are not their DHCP server. (.. and dnsmasq | # connection (home network), we are not their DHCP server. (.. and dnsmasq | ||
| # cannot distinguish the source, as it all appears to be coming from br0) | # cannot distinguish the source, as it all appears to be coming from br0) | ||
| - | up | + | |
| - | down ebtables -t filter -D INPUT -d FF: | + | # UDP port 68: BOOTP client |
| + | | ||
| + | down ebtables -t filter -D INPUT --protocol IPv4 --ip-protocol UDP --ip-destination-port 67:68 -i eth0 -j DROP | ||
| # Internet Protocol Network Address Translation when using this bridge, and | # Internet Protocol Network Address Translation when using this bridge, and | ||
vpn-rpi4.1588238215.txt.gz · Last modified: 2020/04/30 09:16 by robm
Page Tools
Except where otherwise noted, content on this wiki is licensed under the following license: CC Attribution-Noncommercial-Share Alike 4.0 International
