I have a Linux server (10.0.0.1) running a DHCP server and a virtual bridge. The virtual bridge connects 4 Ethernet interfaces and works as a master switch connecting my users.
The problem arises if some user accidentally creates a rogue DHCP server which answers the DHCP requests before they reach the master DHCP server.
Therefore I would like to block all DHCP requests going in between the ports on the virtual switch, but not requests to/from the master DHCP server. Which ebtables rules can I set up to do this?
Nihilus:
The correct way to do this is to use ebtables' filter chain, both forward and output usually, with a ruleset matching UDP ports 67:68.
2015-06-09T18:59:50
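Added example, not part of the original answer: one rule set matching the description above, using the filter table's FORWARD and OUTPUT chains and UDP ports 67:68. It assumes the master DHCP server is the bridge host itself at 10.0.0.1 (from the question) and IPv4-only clients; the function names and the `apply` argument are hypothetical.

```shell
#!/bin/sh
# Added example: ebtables rules that confine DHCP to the bridge host's own server.
# Assumption: the DHCP server runs on the bridge host at 10.0.0.1 (from the question).
# Usage: run with "apply" as root to install the rules; otherwise nothing is changed.

DHCP_SERVER_IP="${DHCP_SERVER_IP:-10.0.0.1}"

# Print the rule set, one ebtables command per line, without executing anything.
dhcp_guard_rules() {
    server_ip="$1"
    # Accept only digits and dots, since the output may be piped to a shell.
    case "$server_ip" in
        ''|*[!0-9.]*) echo "invalid IPv4 address: $server_ip" >&2; return 1 ;;
    esac

    # FORWARD sees frames bridged from one port to another. Dropping UDP
    # destination ports 67:68 keeps client DISCOVER/REQUEST broadcasts away from
    # other users' ports and stops a rogue server's OFFER/ACK from crossing the
    # bridge. Frames for the host itself use INPUT, so the local server still
    # receives client requests.
    echo "ebtables -t filter -A FORWARD -p IPv4 --ip-protocol udp --ip-destination-port 67:68 -j DROP"

    # OUTPUT sees frames leaving the host (locally generated or routed).
    # Allow server replies from the master server, drop any other source port 67.
    echo "ebtables -t filter -A OUTPUT -p IPv4 --ip-protocol udp --ip-source $server_ip --ip-source-port 67 -j ACCEPT"
    echo "ebtables -t filter -A OUTPUT -p IPv4 --ip-protocol udp --ip-source-port 67 -j DROP"
}

# Install the rules; stops at the first ebtables command that fails.
apply_rules() {
    rules=$(dhcp_guard_rules "$1") || return 1
    printf '%s\n' "$rules" | sh -e
}

if [ "${1:-}" = "apply" ]; then
    apply_rules "$DHCP_SERVER_IP"
fi
```

Run without arguments to leave the system untouched; `ebtables -t filter -L --Lc` afterwards shows per-rule counters, which tells you whether the FORWARD drop is actually catching DHCP frames.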