Date: Thu, 18 Oct 2001 12:54:30 +1000 (EST) From: "David Trzcinski" <xlr82xs@eis.net.au> To: freebsd-security@FreeBSD.ORG Subject: Re: Using IPFW with dynamic IP Message-ID: <200110180254.f9I2sU809937@tinny.eis.net.au>
next in thread | raw e-mail | index | archive | help
Personly, i would recomend useing /etc/ppp/ppp.linkup with the MYADDR variable ie: !bg /sbin/ipfw (or wherever your ipfw program resides...) add 20 allow tcp from any to MYADDR in via INTERFACE established though, I have found that SOMETIMES, the ppp script doesn't actually add all of the rules...mine are numbered in incresments of 10, but on the rare occasion, several rules may be left out so i go from say 60 to 110 but that isn't really that big of a deal...also, if you're useing dialup, and dont have any other computers sitting behind your freebsd one, or are useing something like nat, you could simply use "any" as your local host in ipfw ie: ipfw add 20 allow tcp from any to any in via tun0 established or whatver your network interface is either way, when you view the logs generated (/var/log/security or /var/log/all.log (if enabled)) you will see your computers current ip listed in the rule...just not if you ipfw -list -- NeoMail - Webmail that doesn't suck... as much. http://neomail.sourceforge.net To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200110180254.f9I2sU809937>