Date: 28 Mar 2002 22:21:32 -0600 From: James McNaughton <jtm63@enteract.com> To: "Martyn Hill" <sysadmin@st-james-snrgirls.w-london.sch.uk> Cc: "Samuel Chow" <cyschow@shaw.ca>, "FreeBSD-questions" <freebsd-questions@freebsd.org> Subject: Re: Cable-modem, dynamic IP, NAT and IPFW Message-ID: <86zo0shulu.fsf@jamestown.21stcentury.net> In-Reply-To: <003d01c1d676$111728e0$0a00000a@stjames.net> References: <LPBBIGIAAKKEOEJOLEGOKEEFCMAA.barbish@a1poweruser.com> <001e01c1d672$0b46f520$0a00000a@stjames.net> <02b701c1d674$ffcd9ca0$2784412f@ca.nortel.com> <003d01c1d676$111728e0$0a00000a@stjames.net>
next in thread | previous in thread | raw e-mail | index | archive | help
In case it helps, this is what I put in my rc.firewall file to handle
DHCP assigned dynamic IP's:
# set these to your network and netmask and ip
net=`ifconfig ep0 | awk '/inet / {print $2}' | sed -e 's/\.[0-9]*$/.0/'`
mask="255.255.255.0"
ip=`ifconfig ep0 | awk '/inet / {print $2}'`
I think I got the idea from the mailing list archives. Many people do
similar things.
I've found that when the lease expires on my IP address I just keep
getting the same one reassigned. So I've never developed strategy for
updating the firewall rules on the fly like that.
BTW, if you're running without a firewall on the net, take a look at
/etc/hosts.allow for some _rudimentary_ security. Also, as has been
said, don't enable NFS. Also, review /etc/inetd.conf.
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?86zo0shulu.fsf>