Date: Mon, 28 Aug 2000 23:45:15 -0700 From: "Crist J . Clark" <cjclark@reflexnet.net> To: Bruce Petro <bpetro@usa.com> Cc: freebsd-questions <freebsd-questions@FreeBSD.ORG> Subject: Re: ipfw setup when dhcp? Message-ID: <20000828234515.F62475@149.211.6.64.reflexcom.com> In-Reply-To: <384197957.967500064518.JavaMail.root@web302-mc.mail.com>; from bpetro@usa.com on Mon, Aug 28, 2000 at 06:01:04PM -0400 References: <384197957.967500064518.JavaMail.root@web302-mc.mail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
[Could you add a newline from time to time? Your paragraphs are all on one line.] On Mon, Aug 28, 2000 at 06:01:04PM -0400, Bruce Petro wrote: > Michael, thanks for the reply - yes, you have a good point, after I reviewed the contents of the rc.firewall that they had documented on http://www.mostgraveconcern.com/freebsd/ (The dual-homed host article - which is what I was going by), I see that the only use of the actual onet and omask and inet and imask was to perform the rules he titles: # Stop spoofing. (see details below). > > So, can anyone share is the #stop spoofing possible to do when you are under dhcp and not able to know ahead of time what your onet and omask are going to be? I know inet and imask are static, and well, I guess you could assume the omask is pretty static, but still the onet address remains quite dynamic... > > Any ideas? I do, oip=`/sbin/ifconfig ${natd_interface} | /usr/bin/awk '/inet / { print $2 }'` oif=${natd_interface} obc=`/sbin/ifconfig ${natd_interface} | /usr/bin/awk '/inet / { print $6 }'` To extract the interface and broadcast address. I didn't bother to grab the mask, but it would be, omask=`/sbin/ifconfig ${natd_interface} | /usr/bin/awk '/inet / { print $4 }'` -- Crist J. Clark cjclark@alum.mit.com To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20000828234515.F62475>