[prev in list] [next in list] [prev in thread] [next in thread]
List: freebsd-questions
Subject: Re: dhcp and firewalls
From: David Kelly <dkelly () hiwaay ! net>
Date: 2000-12-31 20:19:58
[Download RAW message or body]
Please don't send html to mail lists. My reply at the end.
"J.R." writes:
> This is a multi-part message in MIME format.
>
> ------=_NextPart_000_0007_01C0730F.4B459950
> Content-Type: text/plain;
> charset="iso-8859-1"
> Content-Transfer-Encoding: quoted-printable
>
> when writing firewall rules, how does one simply establish "oip", when > the \
> outside IP is dynamic as with Cogeco cable? thanx
> J.R.
>
> ------=_NextPart_000_0007_01C0730F.4B459950
> Content-Type: text/html;
> charset="iso-8859-1"
> Content-Transfer-Encoding: quoted-printable
>
> <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
> <HTML><HEAD>
> <META http-equiv=Content-Type content="text/html; > charset=iso-8859-1">
> <META content="MSHTML 5.50.4522.1800" name=GENERATOR>
> <STYLE></STYLE>
> </HEAD>
> <BODY bgColor=#ffffff>
> <DIV><FONT face=Arial size=2>when writing firewall rules, > how does one
> simply establish "oip", when the outside IP is dynamic as with Cogeco
> cable?</FONT></DIV>
> <DIV><FONT face=Arial size=2>thanx</FONT></DIV>
> <DIV><FONT face=Arial > size=2>J.R. </FONT></DIV></BODY></HTML>
>
> ------=_NextPart_000_0007_01C0730F.4B459950--
This works for me:
nic="fxp0"
ip=$(/sbin/ifconfig $nic | grep netmask | awk '{print $2}')
Am experimenting with an /etc/dhclient-exit-hooks file to see if I can
re-init my firewall on address change. The only hairy thing is one
doesn't want to reset the firewall unless the address really changed.
For details see my posting on -questions, Dec 12, 2000.
--
David Kelly N4HHE, dkelly@hiwaay.net
====================================================================The human mind \
ordinarily operates at only ten percent of its capacity -- the rest is overhead for \
the operating system.
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message
[prev in list] [next in list] [prev in thread] [next in thread]