From: "Toke Høiland-Jørgensen" <toke@toke.dk>
To: Dave Taht <dave.taht@gmail.com>,"jow@openwrt.org" <jow@openwrt.org>
Cc: "cerowrt-devel@lists.bufferbloat.net"
<cerowrt-devel@lists.bufferbloat.net>
Subject: Re: [Cerowrt-devel] BCP38 implementation
Date: Wed, 19 Mar 2014 23:31:47 +0100 [thread overview]
Message-ID: <a67be057-8eb0-4902-9072-59ddee357667@email.android.com> (raw)
In-Reply-To: <CAA93jw5o4sqykTXmGa1OB1gtwVn83g13Gs9TQ1LRPKWn7r7gUA@mail.gmail.com>
On 19 March 2014 22:44:06 CET, Dave Taht <dave.taht@gmail.com> wrote:
> wow, thx. I was just about to give up and declare cero "baked enough".
Haha, well, felt like hacking on something new, and thought this might be appropriate :)
> the core problem remaining is ensuring dhcp request and renew work
> even
> with double-nat and that state is retained across a network and
> firewall reload.
Right. Well an easy fix could be to just omit the OUTPUT rule, so packets sent from the router itself are not blocked at all... But for double-nat, the actual traffic also needs to be allowed, I suppose.
Otherwise the documentation mentions hotplug scripts when an interface joins a firewall zone. That might be a suitable place to pick up addressing information? Storing it in the config shouldn't be a problem, but there probably needs to be some way for the user to override wrong auto-detection.
What source and dest ip does dhcp use?
-Toke
next prev parent reply other threads:[~2014-03-19 22:32 UTC|newest]
Thread overview: 9+ messages / expand[flat|nested] mbox.gz Atom feed top
2014-03-19 20:59 Toke Høiland-Jørgensen
2014-03-19 21:44 ` Dave Taht
2014-03-19 22:31 ` Toke Høiland-Jørgensen [this message]
2014-03-20 9:29 ` Toke Høiland-Jørgensen
2014-03-20 13:07 ` Toke Høiland-Jørgensen
2014-03-20 17:38 ` Dave Taht
2014-03-20 18:14 ` Toke Høiland-Jørgensen
2014-03-22 20:04 ` Norman Yarvin
[not found] ` <532AB801.6050702@openwrt.org>
2014-03-20 10:28 ` Toke Høiland-Jørgensen
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
List information: https://lists.bufferbloat.net/postorius/lists/cerowrt-devel.lists.bufferbloat.net/
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=a67be057-8eb0-4902-9072-59ddee357667@email.android.com \
--to=toke@toke.dk \
--cc=cerowrt-devel@lists.bufferbloat.net \
--cc=dave.taht@gmail.com \
--cc=jow@openwrt.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox