dhcp problems again (very long)


Steve Scrimpshire
Ok, I had dhcpd installed and working properly before after searching the web, but then I trashed my system and had to reinstall everything. Now, I cannot share the connection with my Win98 box anymore. It gets the new ip (static 192.168.0.2), but cannot surf at all, just gets page not found. I have no clue what I am doing wrong.

 

Here is my /etc/dhcpd.conf:

# dhcpd.conf
#
# Sample configuration file for ISC dhcpd
#

ddns-update-style none;
option broadcast-address 192.168.0.253;
option subnet-mask 255.255.255.0;
option netbios-name-servers 192.168.0.1;
option routers 192.168.0.1;
option domain-name "omarserenity.home";
option ip-forwarding on;

# option definitions common to all supported networks...
option domain-name "omarserenity.home";
#option domain-name-servers ns1.example.org, ns2.example.org;

default-lease-time 1600;
max-lease-time 7200;

# If this DHCP server is the official DHCP server for the local
# network, the authoritative directive should be uncommented.
authoritative;

# Use this to send dhcp log messages to a different log file (you also
# have to hack syslog.conf to complete the redirection).
log-facility local7;

# No service will be given on this subnet, but declaring it helps the
# DHCP server to understand the network topology.

subnet 192.168.0.0 netmask 255.255.255.0 {
  option subnet-mask 255.255.255.0;
  option broadcast-address 192.168.0.253;
  option routers 192.168.0.1;
  option domain-name "omarserenity.home";
  option ip-forwarding on;
}

host laluna {
  hardware ethernet 00:20:78:F0:2A:25;
  fixed-address 192.168.0.2;
  option ip-forwarding on;
}

 

/etc/hosts:

127.0.0.1       localhost.localdomain localhost
192.168.0.1     omarserenity.home omarserenity
192.168.0.2     laluna.home laluna

 

 

It never writes any leases to the /var/lib/dhcp/dhcpd.leases file.

 

I can ping each machine from the other. I am so lost.

 

Here's my /etc/Bastille/bastille-firewall.conf (with comments removed):

DNS_SERVERS=""

TRUSTED_IFACES="lo eth0"
PUBLIC_IFACES="ppp+ slip+"
INTERNAL_IFACES="eth0"

TCP_AUDIT_SERVICES="telnet ftp imap pop3 finger sunrpc exec login linuxconf ssh"
UDP_AUDIT_SERVICES="31337"
ICMP_AUDIT_TYPES="echo-request"

TCP_PUBLIC_SERVICES=""
UDP_PUBLIC_SERVICES=""
TCP_INTERNAL_SERVICES=""
UDP_INTERNAL_SERVICES=""

FORCE_PASV_FTP="Y"

TCP_BLOCKED_SERVICES="2049 2065:2090 6000:6020 7100"
UDP_BLOCKED_SERVICES="2049 6770"
ICMP_ALLOWED_TYPES="destination-unreachable echo-reply time-exceeded"

ENABLE_SRC_ADDR_VERIFY="Y"

IP_MASQ_NETWORK="192.168.0.0/255.255.255.0"
IP_MASQ_MODULES="ftp"

REJECT_METHOD="DENY"

DHCP_IFACES=""

NTP_SERVERS=""

ICMP_OUTBOUND_DISABLED_TYPES="destination-unreachable time-exceeded"

LOG_FAILURES="N"    # do not log blocked packets
IPTABLES_LOG_LEVEL="1"    # define the log level for audited

ALLOW_FRAGMENTS="Y"    # old behavior

DROP_SMB_NAT_BCAST="Y"  # drop those packets

 

TIA


I was dumb. I discovered I could surf from the Windows box by IP (something I should've checked before), so it was a nameserver problem. I thought that by not putting anything in /etc/dhcpd.conf or in /etc/Bastille/bastille-firewall.cfg for nameservers, that it would use the entries in /etc/resolv.conf, but apparently not. I thought it did that before. I just had to add a line in /etc/dhcpd.conf like this:

option domain-name-servers <ip address from my isp nameserver>, <ip address from my isp nameserver>;

 

and now it works.

 

Thanks.
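
Added example (not part of the original posts): a small Python lint for the failure described in this thread, a dhcpd.conf whose subnet hands out no domain-name-servers, so the client gets an address but no resolver. It goes slightly beyond the thread by also comparing broadcast-address with the value derived from the subnet and netmask; the function names, the sample text and the restriction to flat, non-nested blocks are assumptions of this example.

```python
import ipaddress
import re

# Constructed sample: a trimmed dhcpd.conf shaped like the one in the post,
# with no active domain-name-servers line.
SAMPLE = """\
ddns-update-style none;
option routers 192.168.0.1;
#option domain-name-servers ns1.example.org, ns2.example.org;
subnet 192.168.0.0 netmask 255.255.255.0 {
  option broadcast-address 192.168.0.253;
  option routers 192.168.0.1;
}
host laluna {
  hardware ethernet 00:20:78:F0:2A:25;
  fixed-address 192.168.0.2;
}
"""

SUBNET_RE = re.compile(r"subnet\s+(\S+)\s+netmask\s+(\S+)\s*\{([^}]*)\}")

def option_value(scope, name):
    """Return the raw value of 'option <name> ...;' in scope, or None."""
    m = re.search(r"option\s+" + re.escape(name) + r"\s+([^;]+);", scope)
    return m.group(1).strip() if m else None

def lint_dhcpd(text):
    """Return findings per subnet; assumes flat (non-nested) blocks."""
    text = re.sub(r"#.*", "", text)                # commented-out options do not count
    global_scope = re.sub(r"\{[^}]*\}", "", text)  # statements outside any block
    findings = []
    for addr, mask, body in SUBNET_RE.findall(text):
        net = ipaddress.ip_network(f"{addr}/{mask}")
        # A subnet-level option overrides the global one.
        dns = option_value(body, "domain-name-servers") or option_value(global_scope, "domain-name-servers")
        if dns is None:
            findings.append(f"{net}: no domain-name-servers, clients get no resolver")
        bcast = option_value(body, "broadcast-address") or option_value(global_scope, "broadcast-address")
        if bcast and ipaddress.ip_address(bcast) != net.broadcast_address:
            findings.append(f"{net}: broadcast-address {bcast} != {net.broadcast_address}")
    return findings

if __name__ == "__main__":
    for line in lint_dhcpd(SAMPLE):
        print(line)
```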
