I'm seeing a lot of the following line in /var/log/syslog:
Jun 21 14:36:15 my-server kernel: [416219.080061] iptables denied: IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:the-mac-address:08:00 SRC=0.0.0.0 DST=255.255.255.255 LEN=328 TOS=0x00 PREC=0x00 TTL=128 ID=10081 PROTO=UDP SPT=68 DPT=67 LEN=308
This seems to happen just about every minute. Is this just my server trying to broadcast something and my own iptables denying it from happening? If so, what kind of service might do such a thing, and should I allow it? I'm running Postgres 9.2.4 on Ubuntu 12.04.2, and basically no other services aside from the basic, pre-installed packages.
Your original question has been answered by NickW above, but in case it's helpful to you the next time something like this happens, here's a quick way to tell for yourself.
The last bit of that log line says "PROTO=UDP SPT=68 DPT=67".
This means that the packet denied by the firewall was a UDP packet, whose source port is 68, and whose destination is port 67.
You can then do: "egrep -w '67|68' /etc/services" in a terminal, and the output (at least on my Ubuntu box) shows:
You can google bootp/dhcp to learn more about the differences/similarities. Just wanted to show how you can take apart the iptables log line for yourself, for future reference.
The log line tells you other useful stuff, like the fact that the packet is coming "IN=eth0" or inbound on your eth0 interface.
PS: Question for you: what do you mean by "The private network that my server is in blocks bcast"?
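The field-by-field reading described in the answer above can be scripted. This is an added example, not part of the original answers: the function names and the `L4_LEN` key are hypothetical, the sample is the log line from the question, and the small fallback table is an assumption for hosts that have no /etc/services.

```python
import re
import socket

# Constructed sample: the log line from the question, MAC left as posted.
SAMPLE = ("Jun 21 14:36:15 my-server kernel: [416219.080061] iptables denied: "
          "IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:the-mac-address:08:00 "
          "SRC=0.0.0.0 DST=255.255.255.255 LEN=328 TOS=0x00 PREC=0x00 TTL=128 "
          "ID=10081 PROTO=UDP SPT=68 DPT=67 LEN=308")

# Assumption: fallback names for the two ports in this line only.
FALLBACK = {(67, "udp"): "bootps", (68, "udp"): "bootpc"}

def parse_netfilter(line):
    """Split the KEY=VALUE part of a netfilter LOG line into a dict."""
    start = re.search(r"\bIN=", line)
    if not start:
        raise ValueError("no IN= field; not a netfilter LOG line")
    fields, flags = {}, []
    for tok in line[start.start():].split():
        key, sep, val = tok.partition("=")
        if not sep:
            flags.append(key)        # bare flags such as DF, SYN, ACK
        elif key == "LEN" and "LEN" in fields:
            fields["L4_LEN"] = val   # second LEN is the UDP length, not the IP length
        else:
            fields[key] = val        # empty value (OUT=) is kept as ""
    fields["FLAGS"] = flags
    return fields

def service_name(port, proto):
    """Same lookup as grepping /etc/services, with a fallback table."""
    if port is None:
        return "n/a"                 # e.g. ICMP lines carry no SPT/DPT
    try:
        return socket.getservbyport(int(port), proto.lower())
    except OSError:
        return FALLBACK.get((int(port), proto.lower()), "unknown")

def summarize(line):
    """Return (direction, interface, source service, destination service)."""
    f = parse_netfilter(line)
    if f.get("IN") and f.get("OUT"):
        direction = "forwarded"
    else:
        direction = "inbound" if f.get("IN") else "outbound"
    proto = f.get("PROTO", "")
    return (direction, f.get("IN") or f.get("OUT"),
            service_name(f.get("SPT"), proto), service_name(f.get("DPT"), proto))

if __name__ == "__main__":
    print(summarize(SAMPLE))
```
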
Those are just DHCP messages; either your server or another is looking to configure an interface.