Block rule also blocks DHCP

Started by Arthur

Block rule also blocks DHCP   22 January 2009, 14:29

Well I had it all worked out, at least it seemed.
I have a normal ruleset, from IP 192.168.1.2 until 192.168.1.49.
Router is at 192.168.1.50. Setup is simple, cable modem > router > server with BWM > switch with clients connected.
At first, I worked only with static IP all was well.

But I needed some blocking rule to prevent unauthorized access. So I made the following rule at the end of the set:

Block all
source IP 192.168.1.0 - 192.168.1.255 destination any IP, direction both.
Protocol TCP/UDP

That worked fine also.

Now I want to setup the DHCP option in the router. My router has the option to assign the same IP to a specific MAC address. So I put every mac address from my clients in the router with the IP they had originally.
In the router, I put the automatic DHCP pool in another range, say 192.168.1.50 -100 so that unknown computers get some IP above 50. The blocking rule I made should deny access to these users.

But there is a problem. Activating the block rule kills DHCP. None of my clients can get an IP if the blocking rule is active. I have the idea that either DHCP request made by the clients are blocked, or DHCP offers by the router are being blocked.
Can someone help me to setup the correct block rule without killing DHCP?

Cheers,
Arthur.

Block rule also blocks DHCP, why?   22 January 2009, 15:15

Hi from Brazil xD

You must create a rule on the top of your ruleset

NAME: DHCP SERVER
PROTOCOL: UDP
TRANSFER RATE: UNLIMITED
INTERFACE: YOUR LOCAL INTERFACE
SOURCE: ANY IP SINGLE PORT: 68
DESTINATION: LOCALHOST SINGLE PORT: 67


Sorry my english...

Block rule also blocks DHCP, why?   22 January 2009, 16:31

Hi Lucas,

Thank you very much, now I understand how dhcp works, port 67 is the port the dhcp server listens on, and it send on port 68. The protocol is UDP.
I have one question:
You say destination "localhost" but my router is the DHCP server, not the BWM system (localhost).
The router has IP 192.168.1.50, shouldn't that be the destination?

I will create the rule and post back the results.

Cheers,
Alacran.

Block rule also blocks DHCP, why?   23 January 2009, 00:35

Hi!
you can install hanewin dhcp server on your pc running bwm. it is amazing program for dhcp

Block rule also blocks DHCP, why?   24 January 2009, 05:42

Thanks Lucas, worked like a charm. I changed the "localhost" to the router IP and activated the "block all" rule.
All clients got their IP based on the static DHCP list in the router.
Clients not in the static DHCP list will get an IP in another range, and that range is blocked by the BWM block rule.

Lucas, Hanewin dhcp server is amazing indeed. Nifty little program with tftp server included. It supports static dhcp, and it is possible to deny requests from an unknown mac address.
I will migrate to hanewin dhcp server sooner or later, together with the dns server for the purpose of dns caching, my providers dns is crap and they block some sites with it.

Cheers,
Arthur.

Block rule also blocks DHCP, why?   26 January 2009, 04:49

Hi Arthur,

For DNS caching I use SimpleDNS. It is a best robust software for this.
Aref

how to check each individual in group list   06 December 2010, 06:27

Hi
I am using Softperfect Bandwidth Manager
I have 3 Groups made in this software
in each of these group I have about 20 to 50 users
but sometimes one of them use all bandwidth
is there any way to put individual in Quota Usage
I want this to work in a group
Can anyone help me
Thanks

Block rule also blocks DHCP, why?   07 December 2010, 12:53

In this version it is not possible. If you want to control the transfer rates individually, you need to create a rule to every user on your network.

Maybe in version 3.0 (we are waiting) it can be possible....

Sometimes you can get the answer faster if you try the forum search and/or have a look at the software user manual to see if your question has already been answered.

Our forum rules are simple:

  • Be polite.
  • Do not spam.
  • If possible, check your spelling and grammar.

Author:

Email:

Subject

A brief and informative title for your message, approximately 4–8 words:

     

Spam prevention: please enter the following code in the input field below.

 **     **   *******   **         ******    **     ** 
 **     **  **     **  **        **    **   **     ** 
 **     **         **  **        **         **     ** 
 **     **   *******   **        **   ****  ********* 
  **   **          **  **        **    **   **     ** 
   ** **    **     **  **        **    **   **     ** 
    ***      *******   ********   ******    **     ** 

Message: