how to block dhcp from my client to me!!

trottolino1970 · March 13, 2008, 8:58am

how to block dhcp from my client to me and Sharing files and folders?

sandov63 · March 14, 2008, 8:52pm

built this rule under ip → firewall -->> filter rules

add chain=forward action=drop dst-port=68 protocol=udp comment=“DROP DHCP
SERVERS” disabled=no
add chain=input action=drop dst-port=68 protocol=udp comment=“” disabled=no

this way you are blocking broadcasting from port 68 of users whose wake up a dhcp server

Chupaka · March 15, 2008, 12:00am

are broadcast packets affected by forward chain?

trottolino1970 · March 15, 2008, 7:05am

And how to block them?

nickb · March 20, 2008, 8:35pm

Turn off “forwarding” on the wireless side; such as disable “default forward” if you have are using “default authenticate”, or uncheck “Forwarding” in the access list entry for a MAC address. This will prevent DHCP from broadcasting to other wireless clients.

tenis · March 20, 2008, 11:09pm

What exactly turning off default-forwarding do? It just stops broadcasting all broadcasts from clients? This would be great, cause I had quite a few issues related to this (private DHCP server on client side, providing incorrect leases, etc.)
But I still would like to have clients able to speak between each other. How the arp who-has will be responded if it will not be broadcasted to all clients. Would AP be able to make this working?

gmeyer · March 21, 2008, 2:28am

Add filters in the bridge on the wireless interface

add chain=input mac-protocol=ip src-port=67 ip-protocol=udp action=drop comment=“Drop DHCP” disabled=no in-interface=wireless

add chain=forward mac-protocol=ip src-port=67 ip-protocol=udp action=drop comment=“Drop DHCP” disabled=no in-interface=wireless

Remember that broadcast working on layer 2

totalnett · March 25, 2008, 12:18pm

Can’t get this to work.
I have routeros 3.4 on a RB192…

Do i have to mark packets in Mangle first? How should i do this?