115 lines
3.6 KiB
Plaintext
115 lines
3.6 KiB
Plaintext
|
## $Id$
|
||
|
|
||
|
## This file contains a sample configuration for the network shown
|
||
|
## below:
|
||
|
##
|
||
|
## -------------- ---------- -------------
|
||
|
## | DHCP Server | | | | |
|
||
|
## | 192.168.8.66 |------<eth1>| dhcp-fwd |<eth2>------| Clients |
|
||
|
## | | | | | |
|
||
|
## -------------- ---------- -------------
|
||
|
##
|
||
|
## By default, the dhcp-fwd agent looks at /etc/dhcp-fwd.conf
|
||
|
## for this file. By using the '-c' option when calling dhcp-fwd, this
|
||
|
## path can be changed.
|
||
|
|
||
|
|
||
|
######### ENVIRONMENT SETTINGS #########
|
||
|
####
|
||
|
###
|
||
|
## The server will drop its privileges and goes into a chroot-jail
|
||
|
## after doing its initialization. The following parameters are
|
||
|
## defining the needed parameters:
|
||
|
|
||
|
## User and group names/ids. It can be a numeric id or a resolvable
|
||
|
## alphanumeric-name.
|
||
|
##
|
||
|
## WARNING: when compiled with dietlibc the user-/group-names must be
|
||
|
## resolvable by files-NSS. LDAP or NIS NSS will not work so
|
||
|
## the numeric ids must be used
|
||
|
user daemon
|
||
|
group daemon
|
||
|
|
||
|
## chroot() path
|
||
|
chroot /var/run/dhcp-fwd
|
||
|
|
||
|
## Logfile and loglevel. The logfile-location is relatively to the
|
||
|
## directory where dhcp-fwd was started and not to the chroot-directory.
|
||
|
##
|
||
|
## The loglevel option is not supported yet.
|
||
|
logfile /var/log/dhcp-fwd.log
|
||
|
loglevel 1
|
||
|
|
||
|
## SysV pidfile; contains the PID of the daemon-process and will be
|
||
|
## written with root-privileges
|
||
|
pidfile /var/run/dhcp-fwd.pid
|
||
|
|
||
|
|
||
|
## Set limit for resources. When using much interfaces or servers
|
||
|
## below you will need to increase some values. Same holds when not
|
||
|
## using dietlibc. Use '-1' as the value to disable the upper limit
|
||
|
## for the given resource.
|
||
|
##
|
||
|
## Look into /proc/<pid>/status to find out the real usage of the
|
||
|
## resources.
|
||
|
ulimit core 0
|
||
|
ulimit stack 64K
|
||
|
ulimit data 32K
|
||
|
ulimit rss 200K
|
||
|
ulimit nproc 0
|
||
|
ulimit nofile 0
|
||
|
ulimit as 0
|
||
|
|
||
|
|
||
|
######### INTERFACE SETTINGS #########
|
||
|
####
|
||
|
###
|
||
|
## The interface where the forwarder listens for messages. There must
|
||
|
## be specified BOTH the server-side and client-side interfaces!
|
||
|
##
|
||
|
## Each interface will be identified by its system-wide name
|
||
|
## (e.g. eth0). After this it must be told whether there are
|
||
|
## clients and servers, and if it is allowed to send broadcast
|
||
|
## messages to clients. The bcast flags will be IGNORED when
|
||
|
## forwarding messages to servers.
|
||
|
|
||
|
# IFNAME clients servers bcast
|
||
|
if eth2 true false true
|
||
|
if eth1 false true true
|
||
|
|
||
|
|
||
|
## Each interface can be given an RFC 3046 agent ID. The 'name' config
|
||
|
## option sets this value; if an interface is not specified here, the
|
||
|
## IFNAME will be assumed.
|
||
|
|
||
|
# IFNAME agent-id
|
||
|
name eth2 ws-c
|
||
|
|
||
|
|
||
|
## Each interface can be given an specific IP to be filled into the
|
||
|
## 'giaddr' field.
|
||
|
##
|
||
|
## BEWARE: because the outgoing DHCP message will contain the "normal" IP
|
||
|
## address of the outgoing-interface in its IP-header, some additional
|
||
|
## work in the system must be done. You can e.g. add an iptables rule to
|
||
|
## the 'nat' table similarly to this:
|
||
|
##
|
||
|
## | Chain POSTROUTING (policy ACCEPT)
|
||
|
## | target prot opt source destination
|
||
|
## | SNAT udp -- 192.168.0.6 192.168.8.66 udp spt:68 dpt:67 to:192.168.2.255
|
||
|
|
||
|
# ip eth0 192.168.2.255
|
||
|
|
||
|
|
||
|
######### SERVER SETTINGS #########
|
||
|
####
|
||
|
###
|
||
|
## Definitions of the servers. There must be told the type ('ip' or
|
||
|
## 'bcast') and the address. When using 'ip', the address is a non-bcast
|
||
|
## IPv4 address (dotted, DNS-names are NOT supported); and when using
|
||
|
## 'bcast' servers, the address is an IFNAME.
|
||
|
|
||
|
# TYPE address
|
||
|
server ip 192.168.8.66
|
||
|
#server bcast eth1
|