Date: Sat, 24 Mar 2001 16:22:10 -0600 From: David Kelly <dkelly@hiwaay.net> To: Randy Bush <randy@psg.com> Cc: FreeBSD Laptoppers <freebsd-mobile@FreeBSD.ORG> Subject: Re: ipfw and shifting address Message-ID: <200103242222.f2OMMAP84277@grumpy.dyndns.org> In-Reply-To: Message from Randy Bush <randy@psg.com> of "Sat, 24 Mar 2001 13:06:10 PST." <E14gvEg-0004pE-00@rip.psg.com>
next in thread | previous in thread | raw e-mail | index | archive | help
This is a multipart MIME message.
--==_Exmh_-4228561080
Content-Type: text/plain; charset=us-ascii
Randy Bush writes:
> anyone have a simple hack for using ipfw on a roaming laptop? i.e. the ip
> network, interface, and netmask change often, which would seem to make
> /etc/rc.firewall a bit unhappy.
Edit the attached file to your liking and put it in /etc. Take out the
debug loggin stuff and ddup. Point it at your firewall rule file. In
your firewall file (mine is /etc/dmk.firewall) use the following to
detect the IP address (if you need it in your rules):
ip=$(/sbin/ifconfig $nic | grep ask | awk '{print $2}')
My ISP issues 2 hour leases, renews at 1 hour. Script has been working
pretty good for the past couple of months.
--==_Exmh_-4228561080
Content-Type: text/plain ; name="dhclient-exit-hooks"; charset=us-ascii
Content-Description: dhclient-exit-hooks
Content-Disposition: attachment; filename="dhclient-exit-hooks"
#!/bin/sh
(
date
echo ${reason:-NO_REASON_GIVEN}
case ${reason} in
BOUND|REBIND)
# May or may not be a new address.
# adds $old_ip_address to working variables
# use :-number to force behavior if variables are missing
if [ ${old_ip_address:-0} != ${new_ip_address:-1} ]
then
if [ X${new_ip_address%\.[0-9]*\.[0-9]*} = "X192.168" ]
then
echo "do nothing: darned modem IP address ${new_ip_address}"
else
. /etc/dmk.firewall
# if one is using DynDNS:
echo /usr/local/sbin/ddup --host grumpy.dyndns.org --static
/usr/local/sbin/ddup --host grumpy.dyndns.org --static
# set
fi
else
echo "addresses did not change (${reason})"
fi
;;
REBOOT)
echo "reboot"
# echo "re-init firewall"
# /bin/sh /etc/dmk.firewall 2>&1
echo `date`
;;
*)
echo "nothing needed (${reason:-NOT_SPECIFIED})"
;;
esac
if [ X${old_ip_address} != "X" ]
then
echo "old_ip_address = " ${old_ip_address}
fi
if [ X${new_ip_address} != "X" ]
then
echo "new_ip_address = " ${new_ip_address}
fi
) 2>&1 >> /home/dkelly/dhclient.debug
--==_Exmh_-4228561080
Content-Type: text/plain; charset=us-ascii
--
David Kelly N4HHE, dkelly@hiwaay.net
=====================================================================
The human mind ordinarily operates at only ten percent of its
capacity -- the rest is overhead for the operating system.
--==_Exmh_-4228561080--
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-mobile" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200103242222.f2OMMAP84277>