I’ve been using zeroshell for a long time, since the first installation I did not have the need to set any firewall rules, recently i tried to set a deny all rule to allow specific MAC address access/pass through the firewall.
first i set the input and the forward chain to deny all, then i allowed list of MAC addresses.
i totally understand how IPTables works, that’s why I’m stumbled in a question that i looked everywhere for an answer but i could not find one.
the question is, if the INPUT chain default policy to “DROP” all, why DHCP client can still get an IP address from the DHCP server? I even set the OUTPUT chain to “DROP” but still DHCP client can get IP address from DHCPD??!!!
comparing to IPCOP, in IPCOP when you set the default to DENY all, all the DHCP broadcast traffic will get drooped.
Why zeroshell is allowing the traffic? Is there any specific setting in the DHCPD process start that allow such traffic to pass through??
please help with an answer, I’m really in need to the setting to work.