From owner-freebsd-security  Sat Mar  2 21:32:53 2002
Delivered-To: freebsd-security@freebsd.org
Received: from rwcrmhc54.attbi.com (rwcrmhc54.attbi.com [216.148.227.87])
	by hub.freebsd.org (Postfix) with ESMTP id 1588237B416
	for <freebsd-security@FreeBSD.ORG>; Sat,  2 Mar 2002 21:32:50 -0800 (PST)
Received: from blossom.cjclark.org ([12.234.91.48]) by rwcrmhc54.attbi.com
          (InterMail vM.4.01.03.27 201-229-121-127-20010626) with ESMTP
          id <20020303053244.YXSB1214.rwcrmhc54.attbi.com@blossom.cjclark.org>;
          Sun, 3 Mar 2002 05:32:44 +0000
Received: (from cjc@localhost)
	by blossom.cjclark.org (8.11.6/8.11.6) id g235Wg383676;
	Sat, 2 Mar 2002 21:32:42 -0800 (PST)
	(envelope-from cjc)
Date: Sat, 2 Mar 2002 21:32:42 -0800
From: "Crist J. Clark" <cjc@FreeBSD.ORG>
To: "Scott M. Nolde" <scott@smnolde.com>
Cc: George.Giles@mcmail.vanderbilt.edu, freebsd-security@FreeBSD.ORG
Subject: Re: ipfw and DHCP
Message-ID: <20020302213242.Q66092@blossom.cjclark.org>
References: <OF25945D77.FFDCD63C-ON86256B6F.004C1698@MC.VANDERBILT.EDU> <20020302224033.D32060@smnolde.com>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
User-Agent: Mutt/1.2.5i
In-Reply-To: <20020302224033.D32060@smnolde.com>; from scott@smnolde.com on Sat, Mar 02, 2002 at 10:40:33PM -0500
X-URL: http://people.freebsd.org/~cjc/
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-security.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-security>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-security>
X-Loop: FreeBSD.org

On Sat, Mar 02, 2002 at 10:40:33PM -0500, Scott M. Nolde wrote:
> George.Giles@mcmail.vanderbilt.edu(George.Giles@mcmail.vanderbilt.edu)@2002.03.01 07:52:26 +0000:
> > How do you get ipfw to pick-up DHCP value for oif in the rc.firewall script
> > ?
> > 

Ahhhhhhhhh!!! Are you all _trying_ to hurt me?

> This is what I do:
> onet=`/sbin/ifconfig dc0 | grep -w inet | awk '{print $2}' | awk -F. \
> '{print $1 "." $2 "." $3 ".0"}'`

  onet=`/sbin/ifconfig dc0 | awk '/inet / { split($2, ip, /\./); print ip[1]"."ip[2]"."ip[3]".0"; exit }'`

> omask=`grep subnet-mask /var/db/dhclient.leases | tail -1 | sed \
> "s/[,;]//g" | awk '{print $3}'`

  omask=`awk '/subnet-mask/ { sub(/;/, "", $3); sm = $3; } END { print sm; }' /var/db/dhclient.leases`

Piping grep(1) into awk(1)... *shiver* It just looks so icky. And
piping grep(1) into awk(1) and then into another awk(1) well, I
just... just... *faint* *thunk*
-- 
Crist J. Clark                     |     cjclark@alum.mit.edu
                                   |     cjclark@jhu.edu
http://people.freebsd.org/~cjc/    |     cjc@freebsd.org

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message