diff --git a/dom0/init.d/iptables b/dom0/init.d/iptables
index 043ff46c..70c7463d 100644
--- a/dom0/init.d/iptables
+++ b/dom0/init.d/iptables
@@ -12,6 +12,8 @@ COMMIT
 :INPUT ACCEPT [0:0]
 :FORWARD ACCEPT [0:0]
 :OUTPUT ACCEPT [0:0]
+-A INPUT -i br+ -p udp -m udp --dport 68 -j DROP
+-A INPUT -i vif+ -p udp -m udp --dport 68 -j DROP
 -A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT 
 -A INPUT -p icmp -j ACCEPT 
 -A INPUT -i lo -j ACCEPT