From owner-freebsd-questions  Sun Dec 31 12:20: 5 2000
From owner-freebsd-questions@FreeBSD.ORG  Sun Dec 31 12:20:02 2000
Return-Path: <owner-freebsd-questions@FreeBSD.ORG>
Delivered-To: freebsd-questions@freebsd.org
Received: from grumpy.dyndns.org (user-24-214-56-41.knology.net [24.214.56.41])
	by hub.freebsd.org (Postfix) with ESMTP id 536AA37B400
	for <freebsd-questions@FreeBSD.ORG>; Sun, 31 Dec 2000 12:20:01 -0800 (PST)
Received: from localhost (localhost [127.0.0.1])
	by grumpy.dyndns.org (8.11.1/8.11.1) with ESMTP id eBVKJwQ08173;
	Sun, 31 Dec 2000 14:19:58 -0600 (CST)
	(envelope-from dkelly@grumpy.dyndns.org)
Message-Id: <200012312019.eBVKJwQ08173@grumpy.dyndns.org>
X-Mailer: exmh version 2.2 06/23/2000 with nmh-1.0.4
To: "J.R." <contactjrnow@hotmail.com>
Cc: freebsd-questions@FreeBSD.ORG
From: David Kelly <dkelly@hiwaay.net>
Subject: Re: dhcp and firewalls 
In-reply-to: Message from "J.R." <contactjrnow@hotmail.com> 
   of "Sun, 31 Dec 2000 09:51:49 EST." <OE286TAeDNKpk3oDqW700006895@hotmail.com> 
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Date: Sun, 31 Dec 2000 14:19:58 -0600
Sender: dkelly@grumpy.dyndns.org
Sender: owner-freebsd-questions@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

Please don't send html to mail lists. My reply at the end.

"J.R." writes:
> This is a multi-part message in MIME format.
> 
> ------=_NextPart_000_0007_01C0730F.4B459950
> Content-Type: text/plain;
> 	charset="iso-8859-1"
> Content-Transfer-Encoding: quoted-printable
> 
> when writing firewall rules, how does one simply establish "oip", when =
> the outside IP is dynamic as with Cogeco cable?
> thanx
> J.R. =20
> 
> ------=_NextPart_000_0007_01C0730F.4B459950
> Content-Type: text/html;
> 	charset="iso-8859-1"
> Content-Transfer-Encoding: quoted-printable
> 
> <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
> <HTML><HEAD>
> <META http-equiv=3DContent-Type content=3D"text/html; =
> charset=3Diso-8859-1">
> <META content=3D"MSHTML 5.50.4522.1800" name=3DGENERATOR>
> <STYLE></STYLE>
> </HEAD>
> <BODY bgColor=3D#ffffff>
> <DIV><FONT face=3DArial size=3D2>when&nbsp;writing&nbsp;firewall rules, =
> how does one=20
> simply establish "oip", when the outside IP is dynamic as with Cogeco=20
> cable?</FONT></DIV>
> <DIV><FONT face=3DArial size=3D2>thanx</FONT></DIV>
> <DIV><FONT face=3DArial =
> size=3D2>J.R.&nbsp;&nbsp;</FONT></DIV></BODY></HTML>
> 
> ------=_NextPart_000_0007_01C0730F.4B459950--

This works for me:

        nic="fxp0"
        ip=$(/sbin/ifconfig $nic | grep netmask | awk '{print $2}')

Am experimenting with an /etc/dhclient-exit-hooks file to see if I can 
re-init my firewall on address change. The only hairy thing is one 
doesn't want to reset the firewall unless the address really changed.

For details see my posting on -questions, Dec 12, 2000.

--
David Kelly N4HHE, dkelly@hiwaay.net
=====================================================================
The human mind ordinarily operates at only ten percent of its
capacity -- the rest is overhead for the operating system.




To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message