Subject: Re: dhcpd(8) _cannot_ be completely disabled on an interface
To: Jim Wise <jwise@draga.com>
From: Mipam <mipam@ibb.net>
List: tech-security
Date: 01/06/2002 19:44:25 
[SNIP]

> from nmap from an outside host:
> ...
> 68/udp     open        bootpc
> ...

This is because dhcp listens on bpf which is before ipf (seen from
outside). So requests and answers wont go through the in-kernel
ip stack and so also not through ipf which listens in front of the ip stack.
Bye,

Mipam.