Re: Firewalling with DHCP client
Michael Wood wrote:
> Depending on exactly what it is you're doing in your script, you
> might be able to set up the rules based on the interface instead
> of the IP address. This way you can set up the firewall rules
> on boot before you even bring up the networking and not have to
> change them when your IP address changes.
In most of the firewall examples, there are antispoofing rules at the
beginning. And in this case, you need your IP address. However the
kernel can check IP spoofing directly (rp_filter in 2.2) but I don't
know what it is doing exactly.