Vonage and Firewalls

About 3 years ago, I set up a router at my parents’ place. It was basically an old 80486 box with a pair of ethernets in it, and it ran OpenBSD. Today, they got Vonage and I ended up SSH’ing into the box to find out why the Vonage box wasn’t hitting the rest of the world.

Silly me, when I configured the machine, I used static IP addresses on the inside of the firewall. The new machine was sending DHCP requests to the firewall, which was just ignoring them. The old setup worked fine until this thing needed an IP address and I wasn’t around to give it one. Oh well….

I ended up configuring a DHCP daemon on the machine, and setting up a few firewall rules to allow it access to the network. Once that was out of the way, the rest of the work went very smoothly. It’s a good thing, however, that I installed SSH on that box – or I’d need 2000-mile arms 😉

The only hard part is that the DHCP daemon by default wants to listen on all network interfaces. There’s a command-line option to fix that, but making it work with stock OpenBSD requires a bit of patience.

  1. Edit /etc/dhcpd.interfaces to set the device
  2. Edit /etc/dhcpd.conf to set the IP addresses, DNS info, and other nonsense. Set the DNS server to the inside address of localhost – in this case 10.0.0.1
  3. Touch /var/db/dhcpd.leases; the daemon won’t start if the file doesn’t exist
  4. Edit /etc/rc.conf to turn on the DHCP daemon
  5. Set the firewall ruleset to allow the DHCP service to send and receive packets to the inside network
  6. Verify the named configuration in /var/named/etc/named.conf to ensure that it’s properly set up as a recursive caching name server
  7. Reboot the box
  8. Profit 🙂
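
The files from steps 1, 2, 3 and 5, staged under a scratch directory so they can be reviewed before being copied onto the router. This is an added example, not the configuration from the original post: only the 10.0.0.1 inside address comes from the post, while the interface name, the /24 netmask, the lease range and times, and the `pf.dhcp.rules` file name are assumptions.

```shell
#!/bin/sh
# Added example (not from the original post). Assumed values: interface name,
# 10.0.0.0/24 netmask, lease range/times, and the pf.dhcp.rules file name.

stage_dhcpd() {
    root=$1              # scratch directory to write into, e.g. /tmp/stage
    int_if=$2            # inside interface name (assumption), e.g. ne1
    inside_ip=10.0.0.1   # inside address of the router, as given in step 2

    mkdir -p "$root/etc" "$root/var/db" || return 1

    # Step 1: serve DHCP on the inside interface only, never the outside link.
    echo "$int_if" > "$root/etc/dhcpd.interfaces"

    # Step 2: one subnet; clients use the router as gateway and DNS server.
    cat > "$root/etc/dhcpd.conf" <<EOF
option domain-name-servers $inside_ip;
default-lease-time 43200;
max-lease-time 86400;

subnet 10.0.0.0 netmask 255.255.255.0 {
    option routers $inside_ip;
    range 10.0.0.100 10.0.0.199;
}
EOF

    # Step 3: the lease database must exist before the daemon starts.
    touch "$root/var/db/dhcpd.leases"

    # Step 5: rules to merge into the pf ruleset by hand. DHCP clients send
    # from UDP port 68 to port 67; the first request comes from 0.0.0.0, so
    # the source address cannot be narrowed to the inside subnet.
    cat > "$root/etc/pf.dhcp.rules" <<EOF
int_if = "$int_if"
pass in  quick on \$int_if inet proto udp from any port 68 to any port 67
pass out quick on \$int_if inet proto udp from any port 67 to any port 68
EOF
}
```

Call it as `stage_dhcpd /tmp/stage ne1` after sourcing the file; steps 4, 6 and 7 (rc.conf, named.conf and the reboot) are still done by hand on the router.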