Interesting Fact About DHCP

Basically, the (iptables) firewall can’t block it and this article explains why:
http://louwrentius.com/why-filtering-dhcp-traffic-is-not-always-possible-with-iptables.html

Before I came across the article I was doing the exact thing the author was doing: flush the existing firewall rules, then implement three rules to block INPUT, OUTPUT and FORWARD. I.e., block all packets. And yet, if I then use $dhclient -r to drop the DHCP lease followed by $dhclient -v to renew it, the router would respond with a new IP address. I thought I had a simple test for blocking broadcast packets but I didn’t.