## $Id$ ## This file contains a sample configuration for the network shown ## below: ## ## -------------- ---------- ------------- ## | DHCP Server | | | | | ## | 192.168.8.66 |------| dhcp-fwd |------| Clients | ## | | | | | | ## -------------- ---------- ------------- ## ## By default, the dhcp-fwd agent looks at $(sysconfdir)/dhcp-fwd.cfg ## for this file. By using the '-c' option when calling dhcp-fwd, this ## path can be changed. ######### ENVIRONMENT SETTINGS ######### #### ### ## The server will drop its privileges and goes into a chroot-jail ## after doing its initialization. The following parameters are ## defining the needed parameters: ## User and group names/ids. It can be a numeric id or a resolvable ## alphanumeric-name. ## ## WARNING: when compiled with dietlibc the user-/group-names must be ## resolvable by files-NSS. LDAP or NIS NSS will not work so ## the numeric ids must be used user nobody group nobody ## chroot() path chroot /var/lib/dhcp-fwd ## Logfile and loglevel. The logfile-location is relatively to the ## directory where dhcp-fwd was started and not to the chroot-directory. ## ## The loglevel option is not supported yet. logfile /var/log/dhcp-fwd.log loglevel 1 ## SysV pidfile; contains the PID of the daemon-process and will be ## written with root-privileges pidfile /var/run/dhcp-fwd.pid ## Set limit for resources. When using much interfaces or servers ## below you will need to increase some values. Same holds when not ## using dietlibc. Use '-1' as the value to disable the upper limit ## for the given resource. ## ## Look into /proc//status to find out the real usage of the ## resources. ulimit core 0 ulimit stack 64K ulimit data 32K ulimit rss 200K ulimit nproc 0 ulimit nofile 0 ulimit as 0 ######### INTERFACE SETTINGS ######### #### ### ## The interface where the forwarder listens for messages. There must ## be specified BOTH the server-side and client-side interfaces! ## ## Each interface will be identified by its system-wide name ## (e.g. eth0). After this it must be told whether there are ## clients and servers, and if it is allowed to send broadcast ## messages to clients. The bcast flags will be IGNORED when ## forwarding messages to servers. # IFNAME clients servers bcast if eth2 true false true if eth1 false true true ## Each interface can be given an RFC 3046 agent ID. The 'name' config ## option sets this value; if an interface is not specified here, the ## IFNAME will be assumed. # IFNAME agent-id name eth2 ws-c ## Each interface can be given an specific IP to be filled into the ## 'giaddr' field. ## ## BEWARE: because the outgoing DHCP message will contain the "normal" IP ## address of the outgoing-interface in its IP-header, some additional ## work in the system must be done. You can e.g. add an iptables rule to ## the 'nat' table similarly to this: ## ## | Chain POSTROUTING (policy ACCEPT) ## | target prot opt source destination ## | SNAT udp -- 192.168.0.6 192.168.8.66 udp spt:68 dpt:67 to:192.168.2.255 # ip eth0 192.168.2.255 ######### SERVER SETTINGS ######### #### ### ## Definitions of the servers. There must be told the type ('ip' or ## 'bcast') and the address. When using 'ip', the address is a non-bcast ## IPv4 address (dotted, DNS-names are NOT supported); and when using ## 'bcast' servers, the address is an IFNAME. # TYPE address server ip 192.168.8.66 #server bcast eth1