Skip site navigation (1)Skip section navigation (2) 
Date:      Sat, 24 Mar 2001 16:22:10 -0600
From:      David Kelly <dkelly@hiwaay.net>
To:        Randy Bush <randy@psg.com>
Cc:        FreeBSD Laptoppers <freebsd-mobile@FreeBSD.ORG>
Subject:   Re: ipfw and shifting address 
Message-ID:  <200103242222.f2OMMAP84277@grumpy.dyndns.org>
In-Reply-To: Message from Randy Bush <randy@psg.com>  of "Sat, 24 Mar 2001 13:06:10 PST." <E14gvEg-0004pE-00@rip.psg.com>
next in thread | previous in thread | raw e-mail | index | archive | help 

[-- Attachment #1 --]
Randy Bush writes:
> anyone have a simple hack for using ipfw on a roaming laptop?  i.e. the ip
> network, interface, and netmask change often, which would seem to make
> /etc/rc.firewall a bit unhappy.

Edit the attached file to your liking and put it in /etc. Take out the
debug loggin stuff and ddup. Point it at your firewall rule file. In
your firewall file (mine is /etc/dmk.firewall) use the following to
detect the IP address (if you need it in your rules):

        ip=$(/sbin/ifconfig $nic | grep ask | awk '{print $2}')

My ISP issues 2 hour leases, renews at 1 hour. Script has been working 
pretty good for the past couple of months.

[-- Attachment #2 --]
#!/bin/sh

(
date
echo ${reason:-NO_REASON_GIVEN}

case ${reason} in
        BOUND|REBIND)
		# May or may not be a new address.
		# adds $old_ip_address to working variables
		# use :-number to force behavior if variables are missing
		if [ ${old_ip_address:-0} != ${new_ip_address:-1} ]
		then
		    if [ X${new_ip_address%\.[0-9]*\.[0-9]*} = "X192.168" ]
		    then 
			echo "do nothing: darned modem IP address ${new_ip_address}" 
		    else
                	. /etc/dmk.firewall 
			# if one is using DynDNS:
			echo /usr/local/sbin/ddup --host grumpy.dyndns.org --static 
			/usr/local/sbin/ddup --host grumpy.dyndns.org --static 
			# set 
		    fi
		else
			echo "addresses did not change (${reason})" 
		fi
                ;;
	REBOOT)
		echo "reboot"
#		echo "re-init firewall"
#		/bin/sh /etc/dmk.firewall 2>&1
		echo `date`
		;;
	*)
		echo "nothing needed (${reason:-NOT_SPECIFIED})" 
		;;
esac

if [ X${old_ip_address} != "X" ]
then
	echo "old_ip_address = " ${old_ip_address}
fi

if [ X${new_ip_address} != "X" ]
then
	echo "new_ip_address = " ${new_ip_address}
fi

) 2>&1 >> /home/dkelly/dhclient.debug

[-- Attachment #3 --]
--
David Kelly N4HHE, dkelly@hiwaay.net
=====================================================================
The human mind ordinarily operates at only ten percent of its
capacity -- the rest is overhead for the operating system.

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200103242222.f2OMMAP84277>