From owner-freebsd-questions Tue Nov 6 14:44: 4 2001 Delivered-To: freebsd-questions@freebsd.org Received: from wintermute.at.org (wintermute.at.org [64.69.77.155]) by hub.freebsd.org (Postfix) with ESMTP id 46E1537B405 for ; Tue, 6 Nov 2001 14:44:02 -0800 (PST) Received: from barney.intergate.ca (alh525c0y14be.bc.hsia.telus.net [142.173.43.70] (may be forged)) by wintermute.at.org (8.11.3/8.11.3) with ESMTP id fA6G6n714773 (using TLSv1/SSLv3 with cipher EDH-RSA-DES-CBC3-SHA (168 bits) verified OK); Tue, 6 Nov 2001 16:06:51 GMT Received: from FRED (fred [192.168.2.1]) by barney.intergate.ca (8.11.3/8.11.3) with ESMTP id fA6Ml6X02323; Tue, 6 Nov 2001 14:47:07 -0800 Date: Tue, 6 Nov 2001 14:50:20 -0800 From: Sean Ellis X-Mailer: The Bat! (v1.51) Reply-To: Sean Ellis Organization: yes X-Priority: 3 (Normal) Message-ID: <179093989.20011106145020@intergate.ca> To: "Crist J. Clark" Cc: Zev Thompson , Scott Nolde , freebsd-questions@FreeBSD.ORG Subject: Re: ipfw script values In-Reply-To: <20011106141846.C386@blossom.cjclark.org> References: <3.0.32.20011106123552.00db8e40@pop.interchange.ubc.ca> <20011106141846.C386@blossom.cjclark.org> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit X-Scanned-By: MIMEDefang 1.3 (www dot roaringpenguin dot com slash mimedefang) Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG Hey, Tuesday, November 06, 2001, 2:18:46 PM, you wrote: > On Tue, Nov 06, 2001 at 12:35:53PM -0800, Zev Thompson wrote: >> Hi Sean, I use the following command in my rc.firewall: >> >> ifconfig ex0 | grep "inet " | awk '{print $2}' > Pet peeve. I have to do this. I cannot help it. No offense intended. > ifconfig ex0 | awk '/inet/ {print $2}' thanks for the input. It's also been pointed out to me that rules along the line of: /sbin/ipfw add 01200 deny all from 192.168.1.0/24 to any in via tun0 /sbin/ipfw add 01300 deny all from 192.168.2.0/24 to any in via tun0 /sbin/ipfw add 02500 deny all from 10.0.0.0/8 to any via tun0 /sbin/ipfw add 02600 deny all from any to 10.0.0.0/8 via tun0 get around the issue by using the name of the interface. I have a couple of related questions. Since I have more than one script I was hoping to be able define an enviromental variable that I could check really easily in case I forget which was the last script that ran; ie. 'echo $FW'. Nothing I've tried so far works. I've added the line 'echo $0 > /var/run/firewall', which is good, but I'd like to know why my attempts to export the value failed. Also, the DHCP client on my Slackware box executes a script when the ip changes, does the FreeBSD dhcp client have the same function. I couldn't find it when I looked, thanks, -- Best regards, Sean mailto:sellis@intergate.ca To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message