Hi All, I have looked through the help topics but it seems the something is missing to make the following work.
ebtables -A INPUT --in-interface tap0 --protocol ipv4 --ip-protocol udp --ip-source-port 67:68 -j DROP
ebtables -A INPUT --in-interface tap0 --protocol ipv4 --ip-protocol udp --ip-destination-port 67:68 -j DROP
ebtables -A FORWARD --in-interface tap0 --protocol ipv4 --ip-protocol udp --ip-source-port 67:68 -j DROP
ebtables -A FORWARD --in-interface tap0 --protocol ipv4 --ip-protocol udp --ip-destination-port 67:68 -j DROP
the result of any of these is
Unable to update the kernel. Two possible causes:
1. Multiple ebtables programs were executing simultaneously. The ebtables
userspace tool doesn't by default support multiple ebtables programs running
concurrently. The ebtables option --concurrent or a tool like flock can be
used to support concurrent scripts that update the ebtables kernel tables.
2. The kernel doesn't support a certain ebtables extension, consider
recompiling your kernel or insmod the extension.
Some googling and it seems that maybe ebt_ip is missing? I have the following
root@OpenWrt:/etc/config# ls /lib/modules/5.10.134/ebt*
/lib/modules/5.10.134/ebt_802_3.ko /lib/modules/5.10.134/ebt_stp.ko
/lib/modules/5.10.134/ebt_among.ko /lib/modules/5.10.134/ebt_vlan.ko
/lib/modules/5.10.134/ebt_limit.ko /lib/modules/5.10.134/ebtable_broute.ko
/lib/modules/5.10.134/ebt_mark.ko /lib/modules/5.10.134/ebtable_filter.ko
/lib/modules/5.10.134/ebt_mark_m.ko /lib/modules/5.10.134/ebtable_nat.ko
/lib/modules/5.10.134/ebt_pkttype.ko /lib/modules/5.10.134/ebtables.ko
/lib/modules/5.10.134/ebt_redirect.ko
Or maybe I am too old and there is a better way to disable dhcp over a device that is part of an interface. Basically I dont want to get dhcp requests on my interface from my vpn device.
Using OpenWrt 22.03.0-rc6, r19590-042d558536
Thanks for any help