DHCP Tom Eastep 2002-11-03 2001 2002 Thomas M. Eastep Permission is granted to copy, distribute and/or modify this document under the terms of the GNU Free Documentation License, Version 1.2 or any later version published by the Free Software Foundation; with no Invariant Sections, with no Front-Cover, and with no Back-Cover Texts. A copy of the license is included in the section entitled GNU Free Documentation License.
If you want to Run a DHCP Server on your firewall Specify the "dhcp" option on each interface to be served by your server in the /etc/shorewall/interfaces file. This will generate rules that will allow DHCP to and from your firewall system. When starting "dhcpd", you need to list those interfaces on the run line. On a RedHat system, this is done by modifying /etc/sysconfig/dhcpd.
If a Firewall Interface gets its IP Address via DHCP Specify the "dhcp" option for this interface in the /etc/shorewall/interfaces file. This will generate rules that will allow DHCP to and from your firewall system. If you know that the dynamic address is always going to be in the same subnet, you can specify the subnet address in the interface's entry in the /etc/shorewall/interfaces file. If you don't know the subnet address in advance, you should specify "detect" for the interface's subnet address in the /etc/shorewall/interfaces file and start Shorewall after the interface has started. In the event that the subnet address might change while Shorewall is started, you need to arrange for a "shorewall refresh" command to be executed when a new dynamic IP address gets assigned to the interface. Check your DHCP client's documentation.