You are not logged in.
Pages: 1
hey guys!
got a problem with my dhcpd. It always put me some messages like this into the syslog:
Jul 6 00:19:12 linux dhcpd: DHCPREQUEST for 192.168.0.30 from AA:AA:AA:AA:AA:AA via eth0
Jul 6 00:19:12 linux dhcpd: DHCPACK on 192.168.0.30 to AA:AA:AA:AA:AA:AA via eth0
Jul 6 00:19:12 linux dhcpd: send_packet: Operation not permitted
Jul 6 00:19:20 linux dhcpd: DHCPREQUEST for 192.168.0.20 from BB:BB:BB:BB:BB:BB via eth0
Jul 6 00:19:20 linux dhcpd: DHCPACK on 192.168.0.20 to BB:BB:BB:BB:BB:BB via eth0
Jul 6 00:19:20 linux dhcpd: send_packet: Operation not permitted
Jul 6 00:23:15 linux dhcpd: DHCPREQUEST for 192.168.0.30 from AA:AA:AA:AA:AA:AA via eth0
Jul 6 00:23:15 linux dhcpd: DHCPACK on 192.168.0.30 to AA:AA:AA:AA:AA:AA via eth0
Jul 6 00:23:15 linux dhcpd: send_packet: Operation not permitted
google won't help me...
any ideas? Do you need my dhcpd.conf?
Regards,
Moritz
Offline
Ehrm, you've got immensely funny MAC addresses there. Please post the "ifconfig" output of those clients sending these MACs in the ethernet frame.
Greets,
Dennis
"That's the problem with good advice. Nobody wants to hear it."
-- Dogbert
Offline
I've changed the mac-adresses bevor postig
BTW: dhcpd works! All clients get their IPs! But this "send_packet: Operation not permitted" looks scary...
Offline
I've changed the mac-adresses bevor postig
That is, and I'm holding back myself here, the most idiotic thing to do when you're asking for help. That's even more counterproductive than those freaks changing their IPs and hostname when they're asking why their DNS won't work! GNAH!
Okay then. Besides of that, you're lying. Google "dhcpd send_packet permitted", first hit.
In short: Don't fiddle with IPTables if you don't know what you're doing. Have a look if that applies to you, too, otherwise I might google some more for you.
Greets,
Dennis
"That's the problem with good advice. Nobody wants to hear it."
-- Dogbert
Offline
:evil: I'm not lying! :evil:
I've googled and I found this iptables info.
I've tried all the solutions they told! But have a look at the other google hits! All of them tell other things!
And none worked for me!
Offline
:evil: I'm not lying! :evil:
Indeed, Google didnt help you. A factually correct statement, please excuse my incorrect assumptions.
But, why the heck didn't you TELL us about what you already did? Ever read the smart-questions-FAQ? Why do I first need to insult you before you deliver crucial information?
Anyway, I'll have a glance over the dhcpd source, maybe that'll help.. gimme a minute, though, I'm just having lunch.
BRB,
Dennis
"That's the problem with good advice. Nobody wants to hear it."
-- Dogbert
Offline
sorry for that!
this is my iptables config for dhcpd:
$IPT -A INPUT -p UDP -i $INTERN --sport 67 --dport 68 -j ACCEPT
$IPT -A OUTPUT -p UDP -o $INTERN --sport 68 --dport 67 -j ACCEPT
I've read that it's necessary to open the ports to both directions, but it's changed nothing.
Offline
Okay, there we go, the relevant piece of source is this here, in the send_packet function called by the dhcp server process on DHCPACK:
result = writev(interface -> wfdesc, iov, 3);
if (result < 0)
log_error ("send_packet: %m");
return result;
The writev function is basically the same as the write function, but uses a vector (starting address, number of bytes) struct instead of a single buffer like write. The "Operation not permitted" message is the verbose value of an EPERM type error (man 3 errno). To get such an operation not permitted, there MUST be something that prohibits the writing of data to the interface. In nearly all cases this is a packet filter, so do yourself a favor and flush all rules, and reset all policies to ACCEPT. Then tell a client to refresh his lease. I could bet 100:1 this will solve your problem.
Greets,
Dennis
"That's the problem with good advice. Nobody wants to hear it."
-- Dogbert
Offline
might be true...
I'll have to test that :?
Offline
To figure out why those iptables lines may not be working, check to see the rules that are above it. Iptables always matches down the list, and if you have something that is a deny that matches above that accept, it'll deny.
I have discovered that all of mans unhappiness derives from only one source, not being able to sit quietly in a room
- Blaise Pascal
Offline
Pages: 1