# dhclient send_packet: Permission denied



## natharran (Oct 15, 2014)

Hi guys,

I'm having an odd issue. My ipfw() script contains:

```
...
ipfw -q add 1110 allow udp from $dhcp 67,68 to any in via $outer keep-state
...
ipfw -q add 2210 allow udp from any to $dhcp out via $outer keep-state
...
```
but `dmesg -a` shows:

```
Oct 15 01:24:32 universe dhclient[686]: send_packet: Permission denied
Oct 15 01:28:03 universe last message repeated 11 times
Oct 15 01:38:50 universe last message repeated 7 times
```
every ca. 9 minutes. The Internet connection works OK all the time event after a reboot - I get an IP address without problems but I don't understand what dhclient() is still trying to do, nor how to prevent this.

Could you help please?


----------



## SirDice (Oct 15, 2014)

It looks like it doesn't accept any broadcasts. The initial DHCP request is sent to 255.255.255.255 and your rules don't seem to allow that.


----------



## natharran (Oct 15, 2014)

SirDice said:
			
		

> The initial DHCP request is sent to 255.255.255.255


Thank you for your reply. I added

```
ipfw -q add 2208 allow udp from any to 255.255.255.255 67,68 out via $outer keep-state
```
but the log still says

```
Oct 15 01:24:32 universe dhclient[686]: send_packet: Permission denied
```
from time to time.

When setting firewall rules, I followed the documentation, specifically


			
				documentation said:
			
		

> ```
> # Allow access to ISP's DHCP server for cable/DSL configurations.
> # Use the first rule and check log for IP address.
> # Then, uncomment the second rule, input the IP address, and delete the first rule
> ...


I believe the documentation doesn't say anything about broadcast needed to be allowed all the time. Does this mean I'll be getting those messages forever? Or should I just not log them?


----------



## adrian@ (Oct 18, 2014)

Which version of FreeBSD? There's a recent fix to FreeBSD -HEAD that fixed an issue with RAW IP injection and it was noticed because of dhclient errors.


----------

