5

I recently installed the CSF firewall and have made live a new server which is accepting around 600 req/second.

It's basically a reverse proxy, and I found in Pingdom and Munin that for a particular time the response times of the server increased threefold. I looked into the logs and, exactly at that point, I found loads of entries like this:

Feb 27 15:22:09 li235-57 dhclient: DHCPREQUEST of <My IP address> on eth0 to 207.192.68.72 port 67
Feb 27 15:22:09 li235-57 dhclient: send_packet: Operation not permitted

Can you help me understand what went wrong and what exactly happened? Are there any settings I should change in CSF, or any pointers to debug this further?

Falcon Momot
Sparsh Gupta

1 Answer

11

You need to allow DHCP requests:

$IPTABLES  -I INPUT -i $LAN_IFACE -p udp --dport 67:68 --sport 67:68 -j ACCEPT

In CSF you can set 67 and 68 in UDP_IN and UDP_OUT, and unset DROP_NOLOG (CSF Firewall Configuration).

ooshro
  • In addition to the above rule by ooshro: if your DHCP server(s) are known (e.g. via the logs of your machine), you could make the rule more specific by adding -s xxx.yyy.zzz.aaa to the rule. Keep checking the logs to verify DHCP renew requests are being done, etc. – mistige Apr 26 '21 at 06:43
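
One way to audit the CSF settings named in the answer above (UDP_IN, UDP_OUT, DROP_NOLOG), as an added example that is not part of the original thread or of CSF itself. The function names and the sample config are constructed, and it assumes csf.conf entries of the form KEY = "port,port,lo:hi".

```shell
#!/bin/sh
# Added example: audit csf.conf for the DHCP settings named in the answer.
# Assumption: settings are written as KEY = "port,port,lo:hi".

# Print the quoted value of a csf.conf key (empty if the key is absent).
csf_value() {  # usage: csf_value KEY FILE
    sed -n "s/^[[:space:]]*$1[[:space:]]*=[[:space:]]*\"\\([^\"]*\\)\".*/\\1/p" "$2" | tail -n 1
}

# Succeed if PORT is covered by LIST (single ports or lo:hi ranges).
port_in_list() {  # usage: port_in_list PORT LIST
    port=$1; found=1
    old_ifs=$IFS; IFS=','
    for entry in $2; do
        case $entry in
            *:*) if [ "$port" -ge "${entry%%:*}" ] && [ "$port" -le "${entry##*:}" ]; then found=0; fi ;;
            "$port") found=0 ;;
        esac
    done
    IFS=$old_ifs
    return $found
}

# Print one line per setting that still blocks DHCP (UDP 67/68) or hides
# its drops from the log; return 1 if anything was reported.
check_csf_dhcp() {  # usage: check_csf_dhcp FILE
    rc=0
    for key in UDP_IN UDP_OUT; do
        list=$(csf_value "$key" "$1")
        for p in 67 68; do
            port_in_list "$p" "$list" || { echo "$key is missing port $p"; rc=1; }
        done
    done
    nolog=$(csf_value DROP_NOLOG "$1")
    for p in 67 68; do
        if port_in_list "$p" "$nolog"; then echo "DROP_NOLOG hides drops on port $p"; rc=1; fi
    done
    return $rc
}

# Constructed sample config (not from the page): DHCP open inbound only.
sample=$(mktemp)
cat > "$sample" <<'EOF'
UDP_IN = "20,21,53,67:68"
UDP_OUT = "20,21,53,113,123"
DROP_NOLOG = "23,67,68,111"
EOF
check_csf_dhcp "$sample" || true
rm -f "$sample"
```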