Created
April 27, 2020 01:24
-
-
Save racerxdl/5dea890b77be0528c8c3b848a5223df5 to your computer and use it in GitHub Desktop.
Block DHCP in Bridge
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ebtables -I INPUT -i eno2 -p ip --ip-protocol udp --ip-source-port 67 -j DROP | |
| ebtables -I INPUT -i eno2 -p ip --ip-protocol udp --ip-source-port 68 -j DROP | |
| ebtables -I INPUT -i eno2 -p ip --ip-protocol udp --ip-destination-port 67 -j DROP | |
| ebtables -I INPUT -i eno2 -p ip --ip-protocol udp --ip-destination-port 68 -j DROP | |
| ebtables -I INPUT 0 -i eno2 -p IPv4 --ip-protocol udp --ip-destination-port 67:68 -j DROP | |
| ebtables -I OUTPUT 0 -o eno2 -p IPv4 --ip-protocol udp --ip-destination-port 67:68 -j DROP | |
| ebtables -I FORWARD 0 -o eno2 -p IPv4 --ip-protocol udp --ip-destination-port 67:68 -j DROP | |
| iptables -I FORWARD -m physdev --physdev-out eno2 -p udp --dport 67:68 -j DROP | |
| iptables -I FORWARD -m physdev --physdev-in eno2 -p udp --dport 67:68 -j DROP | |
| iptables -I INPUT -m physdev --physdev-in eno2 -p udp --dport 67:68 -j DROP |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
好用!