Hi *,
a quite severe bug that was (from my knowledge) introduced with 7.912:
After a reboot the automatic packet filter rules get not properly created. DHCP outgoing answers are blocked to the network:
2010:05:22-11:35:30 asgv8 dhcpd: DHCPREQUEST for 192.168.0.20 from 00:0c:29:22:2b:5f (downloadserver) via eth0
2010:05:22-11:35:30 asgv8 dhcpd: DHCPACK on 192.168.0.20 to 00:0c:29:22:2b:5f (downloadserver) via eth0
2010:05:22-11:35:30 asgv8 dhcpd: send_packet: Operation not permitted
and matching packet filter log entries:
2010:05:22-11:39:50 asgv8 ulogd[4929]: id="2001" severity="info" sys="SecureNet" sub="packetfilter" name="Packet dropped" action="drop" fwrule="60001" initf="eth0" srcmac="0:c:29:22:2b:5f" dstmac="0:c:29:9b:39:74" srcip="192.168.0.20" dstip="192.168.0.1" proto="17" length="328" tos="0x00" prec="0x00" ttl="64" srcport="68" dstport="67"
(they repeat, sorry for the not matching timestamp in both examples).
Only happened after a reboot and after 7.912 was freshly started.
My workaround at the moment is to run a 2nd DHCP server in the network.
Same but different problem with DNS:
As soon as I used a dual homed network object (IPv4 / IPv6) in the list of allowed networks to query the DNS server, DNS packets got also blocked. As soon as I created an IPv4 only network object, the automatic packet filter rules worked perfectly again.
In case you need access to my system, drop me a quick mail.
Christian
