Re: Dynamic IP Address
Hi!
On Mon, Mar 26, 2001 at 12:17:01PM +0100, Michael Boyd wrote:
> 1. I obtain a dynamic IP address from my ISP. How can I include this in
> my ruleset?
ip-up should supply the IPAddress as commandline parameter.
> 2. My ruleset is going to be quite large and the firewall is a 486 (ie a
> bit slow). Presumably when the ppp connection is established there is a
> short period (longer than it would be with a faster machine) between
> that occuring and the rc.firewall file being executed by ip-up when my
> system is vulnerable. I was thinking of having a small ruleset denying
> everything on the external interface as part of the boot sequence then
> sticking with my more detailed ruleset when the ppp connection is
> established. Any comments? How would I invoke the smaller ruleset?
Just start with setting the policies to DENY (which is IMO required
anyways for a firewall). Then just add the rest.
> 3. Do dynamic IP addresses ever get changed during a session? Something
> I read seemed to suggest this might occur. If so, how do I overcome
> that?
DHCP _could_ change your IP. BUT a) this _should_ not happen nowadays
with sensible ISPs and b) try checking on the interface (which also is
mandatory for good firewalling) where the packet arrived.
HTH, David
--
hallo du hobby nuttttn will f[...]ckn aber nit zahlen an 4rer ziegl
-- "Mario Dimitrov" <mario.dimitrov@chello.at> in at.anzeigen.kontakte
Message-ID: <000b01c0a290$ff500b00$aafc2fd5@telekabel.at>
Reply to: