Date: Tue, 29 Aug 2000 10:54:54 -0400 (EDT) From: Bruce Petro <bpetro@usa.com> To: freebsd-questions <freebsd-questions@FreeBSD.ORG> Subject: Re: ipfw setup when dhcp? Message-ID: <381555280.967560894826.JavaMail.root@web307-mc.mail.com>
next in thread | raw e-mail | index | archive | help
Paragraphs noted for the future - I thought they would be forced in ... sorry. Meanwhile, thanks for the answer and the input - looks perfect! Thanks Bruce. -----Original Message----- From: cjclark [mailto:cjclark@reflexnet.net] Sent: Tuesday, August 29, 2000 1:45 AM To: bpetro Cc: cjclark; freebsd-questions Subject: Re: ipfw setup when dhcp? [Could you add a newline from time to time? Your paragraphs are all on one line.] On Mon, Aug 28, 2000 at 06:01:04PM -0400, Bruce Petro wrote: > Michael, thanks for the reply - yes, you have a good point, after I reviewed the contents of the rc.firewall that they had documented on http://www.mostgraveconcern.com/freebsd/ (The dual-homed host article - which is what I was going by), I see that the only use of the actual onet and omask and inet and imask was to perform the rules he titles: # Stop spoofing. (see details below). > > So, can anyone share is the #stop spoofing possible to do when you are under dhcp and not able to know ahead of time what your onet and omask are going to be? I know inet and imask are static, and well, I guess you could assume the omask is pretty static, but still the onet address remains quite dynamic... > > Any ideas? I do, oip=`/sbin/ifconfig ${natd_interface} | /usr/bin/awk '/inet / { print $2 }'` oif=${natd_interface} obc=`/sbin/ifconfig ${natd_interface} | /usr/bin/awk '/inet / { print $6 }'` To extract the interface and broadcast address. I didn't bother to grab the mask, but it would be, omask=`/sbin/ifconfig ${natd_interface} | /usr/bin/awk '/inet / { print $4 }'` -- Crist J. Clark cjclark@alum.mit.com ______________________________________________ FREE Personalized Email at Mail.com Sign up at http://www.mail.com/?sr=signup To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?381555280.967560894826.JavaMail.root>