[lug] Firewall question
kevin at scrye.com
Thu Jan 20 16:57:02 MST 2000
>>>>> "William" == "William Jarosko Jr " <winrip at fpcc.net> writes:
William> I'm working on making my ipchains rules alittle more
William> restrictive. I know I can define my ip address in a firewall
William> script if it is known. However with my isp assigning dynamic
William> IP's I am wondering where or how to retrieve the IP and
William> assign it to a variable in the firewall script.
William> <Example> external="ppp0" DYIP="Dynamic IP" any="any/0"
William> ipchains -A output -i $external -p tcp -y -s $DYIP -d $any
William> $XWIN -j REJECT ipchains -A input -i $external -p tcp -y -d
William> $DYIP $XWIN -j DENY
William> As you can see, if the dynamic IP were in fact a static IP I
William> would have no problem but it's the assighing of the Dynamic
William> IP that is throwing me for a loop. Though buying a static IP
William> isn't out of the question I'd just like to figure this out.
Just add in something to come up with your ppp0 ip...
In the script I use sometimes:
LOCALIP=`/sbin/ifconfig $LOCALIF | grep inet | cut -d : -f 2 | cut -d \ -f 1`
LOCALMASK=`/sbin/ifconfig $LOCALIF | grep Mask | cut -d : -f 4`
You will of course have to run this after every time you login. (in ppp-on?)
William> Thanks in advance Bill.
MTS, tummy.com, ltd.
http://www.tummy.com/ KRUD - Kevin's Red Hat Uber Distribution
More information about the LUG