Dynamic IP Address
Hello all,
I asked a few messages a little while ago. The answers and my
subsequent research on the internet and reading of R. Ziegler's book
have been a great help in getting my firewall project off the ground.
I started assembling my ipchains ruleset yesterday after updating my
system to 2.2r2 (first time I'd used apt, it's great IMHO). I am basing
it on the example in RZ's book.
I have had a few of problems and hope you can help...
1. I obtain a dynamic IP address from my ISP. How can I include this in
my ruleset? I have experimented with...
$dynipadd="`/sbin/ifconfig ppp0 | grep 'inet addr' | awk '{print$2}' |
sed -e 's/.*://'`"
which I found on a website
... from the command line. The last part gave me some trouble.
2. My ruleset is going to be quite large and the firewall is a 486 (ie a
bit slow). Presumably when the ppp connection is established there is a
short period (longer than it would be with a faster machine) between
that occuring and the rc.firewall file being executed by ip-up when my
system is vulnerable. I was thinking of having a small ruleset denying
everything on the external interface as part of the boot sequence then
sticking with my more detailed ruleset when the ppp connection is
established. Any comments? How would I invoke the smaller ruleset?
The alternative is to start the detailed ruleset on boot. But then, how
do I tell it the dynamic IP address?
3. Do dynamic IP addresses ever get changed during a session? Something
I read seemed to suggest this might occur. If so, how do I overcome
that?
I have a few other queries but I will ask them later incase answers to
the above change things.
Thanks
Mike
Reply to: