From owner-freebsd-questions@FreeBSD.ORG  Tue Apr 10 13:34:04 2007
Return-Path: <owner-freebsd-questions@FreeBSD.ORG>
X-Original-To: freebsd-questions@freebsd.org
Delivered-To: freebsd-questions@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52])
	by hub.freebsd.org (Postfix) with ESMTP id 2FBBD16A400
	for <freebsd-questions@freebsd.org>;
	Tue, 10 Apr 2007 13:34:04 +0000 (UTC)
	(envelope-from jbronson-freebsd@sixcompanies.com)
Received: from ms-smtp-03.rdc-kc.rr.com (ms-smtp-03.rdc-kc.rr.com
	[24.94.166.129])
	by mx1.freebsd.org (Postfix) with ESMTP id 028E313C48C
	for <freebsd-questions@freebsd.org>;
	Tue, 10 Apr 2007 13:34:03 +0000 (UTC)
	(envelope-from jbronson-freebsd@sixcompanies.com)
Received: from shadow.sixcompanies.com (CPE-72-128-124-100.wi.res.rr.com
	[72.128.124.100])
	by ms-smtp-03.rdc-kc.rr.com (8.13.6/8.13.6) with ESMTP id
	l3ADY28q013597 for <freebsd-questions@freebsd.org>;
	Tue, 10 Apr 2007 08:34:02 -0500 (CDT)
Received: from dakota.sixcompanies.com (shadow.sixcompanies.com [10.43.82.174])
	by shadow.sixcompanies.com (8.14.1/8.14.1) with ESMTP id l3ADY1MJ006807
	for <freebsd-questions@freebsd.org>;
	Tue, 10 Apr 2007 08:34:02 -0500 (CDT)
Message-Id: <200704101334.l3ADY1MJ006807@shadow.sixcompanies.com>
X-Mailer: QUALCOMM Windows Eudora Version 7.1.0.9
Date: Tue, 10 Apr 2007 08:34:51 -0500
To: freebsd-questions@freebsd.org
From: "J.D. Bronson" <jbronson-freebsd@sixcompanies.com>
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"; format=flowed
X-Virus-Scanned: Symantec AntiVirus Scan Engine
Subject: ipfilter and DHCP
X-BeenThere: freebsd-questions@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: User questions <freebsd-questions.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
	<mailto:freebsd-questions-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-questions>
List-Post: <mailto:freebsd-questions@freebsd.org>
List-Help: <mailto:freebsd-questions-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
	<mailto:freebsd-questions-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Tue, 10 Apr 2007 13:34:04 -0000

Ok...what do you guys do to handle a change of IP/network via DHCP 
with ipfilter?

I have been told that if my IP changes while the machine is up and 
running that ipfilter WON'T see this change and needs to be 
told...supposedly it only reads the IP when it starts itself.

If this is true, is there any easy way to fix this?
I run ipcheck.py and that can invoke a script if needed if it notices 
and IP changed....

ipnat.conf:
map bge1 192.43.82.0/24 -> 0/32 proxy port ftp ftp/tcp
map bge1 192.43.82.0/24 -> 0/32 portmap tcp/udp auto
map bge1 192.43.82.0/24 -> 0/32

rdr bge1 0.0.0.0/0 port 25 -> 192.43.82.170 port 25


I presume if it reads the IP and fills in the '0/32' + '0.0.0.0/0' 
values at startup...having my IP change could be disasterous.

thanks for any tips-

-JD