Posted by jane in scaesar.com
My WinXP box is hooked into a router with a dubious DHCP server - it doesn't handle renew requests, just new leases. However, everything worked fine until I installed Outpost Firewall Pro ver. 6.0.2168.8301 (as a fresh install, no previous Outpost, no previous firewall, clean XP SP2 install).
Now, about every 1/2 hour (corresponding to the lease timeout), my machine loses its IP for about 45-75 secs, until it can successfully get a new one via dhcp.
Entries in the Packet Log around this time include:
Learn UDP packet received: 0.0.0.0:68 -> 255.255.255.255:67 Learning Mode
... (repeated about 6 times)
Block UDP packet received: 10.128.128.128:67 -> 255.255.255.255:68 Block Transit Packet
See attached image. My computer's IP (when it eventually gets it) is 10.75.253.47
I'm no dhcp expert, but those blocks look suspiciously like the dhcp response packets that would get me a lease. Is there some way to enable those? I looked quite a bit at system rules and browsed the forums, but I couldn't find
don't know if it might be applicable, but i had a few similar problems with a weak wap connection so i moved the dhcp rule up into the 'before application..' section - it numbered itself as (192), see attached, 'improvenet' added the same rule back in again later marked (67) ;) not sure of the relevance of the parenthetical number. under settings - firewall - advanced, i have the background (startup) policy set to 'block most' rather than 'block all' in order to allow dhcp thru on startup (tho this does not apply to renewals after startup).
Check to see if you have a global rule for DHCP; if not, create one.
Where Specified protocol is - UDP
Where Specified Remote port is - BOOTPS, BOOTPC, DHCPv6c, DHCPv6s
Where Specified Local port is - BOOTPS, BOOTPC, DHCPv6c, DHCPv6s
Allow it
Also if you want IGMP edit that rule to allow it.
I personally find that some of the rules are crafted generically and lean towards direct connections (dialup, dsl or cable modems) and are not really necessary for routers. If someone on my local network starts attacking, well I have found the best defense is to go into the next room and clip their friggen ears and ground the offender for a month :p it stops the attacks almost instantly :D
Anyway good luck, someone else will probably chime in with a few ideas as well. :) Just like kronckew has done just before I hit the submit button....
I had a very similar problem with vmware machines not being able to re-lease even though I had the DHCP rule in. There is an op kb article that tells how to create a new "low level rule" which is the same as the "Global Rule"
This worked for me
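As an added example (not part of any post in this thread, and not Outpost's own tooling): a small Python filter over Packet Log lines in the shape quoted above, which picks out DHCPv4 traffic by port pair and reports blocked server replies (67 -> 68). The log-line grammar is an assumption inferred from the two lines quoted in the thread, and the NetBIOS and DNS sample lines are constructed.

```python
import re
from collections import Counter

# Constructed sample: the first three lines follow the thread's quoted log
# entries; the last two (NetBIOS, DNS) are invented to show non-DHCP noise.
SAMPLE_LOG = """\
Learn UDP packet received: 0.0.0.0:68 -> 255.255.255.255:67 Learning Mode
Learn UDP packet received: 0.0.0.0:68 -> 255.255.255.255:67 Learning Mode
Block UDP packet received: 10.128.128.128:67 -> 255.255.255.255:68 Block Transit Packet
Block UDP packet received: 10.75.253.9:137 -> 10.75.253.255:137 Block Transit Packet
Allow UDP packet received: 10.128.128.128:53 -> 10.75.253.47:1035 Allow DNS
"""

# Assumed grammar: <action> <proto> packet <direction>: src:port -> dst:port <reason>
LINE_RE = re.compile(
    r"^(?P<action>\w+) (?P<proto>\w+) packet \w+: "
    r"(?P<src>[\d.]+):(?P<sport>\d+) -> (?P<dst>[\d.]+):(?P<dport>\d+) (?P<reason>.*)$"
)

BOOTPS, BOOTPC = 67, 68  # DHCPv4 server and client UDP ports


def classify(line):
    """Return (action, kind, src, reason) for a DHCPv4 line, else None."""
    m = LINE_RE.match(line.strip())
    if not m or m["proto"] != "UDP":
        return None
    ports = (int(m["sport"]), int(m["dport"]))
    if ports == (BOOTPC, BOOTPS):
        kind = "client-request"   # DISCOVER/REQUEST leaving the client
    elif ports == (BOOTPS, BOOTPC):
        kind = "server-reply"     # OFFER/ACK coming back from the server
    else:
        return None
    return m["action"], kind, m["src"], m["reason"]


def blocked_dhcp(log_text):
    """Count blocked DHCP packets per (kind, source, reason)."""
    hits = Counter()
    for line in log_text.splitlines():
        c = classify(line)
        if c and c[0] == "Block":
            hits[c[1:]] += 1
    return hits


if __name__ == "__main__":
    for (kind, src, reason), n in blocked_dhcp(SAMPLE_LOG).items():
        print(f"{n}x blocked DHCP {kind} from {src} ({reason})")
```

A blocked "server-reply" entry whose source is the router's DHCP server is the case a DHCP allow rule has to cover; the rule-name column in the output shows which firewall rule caught it.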