Re: [suse-security] IPCHAINS and dynamic IP addresses

There is a way it is done using grep and cut take a look at the script on http://firewall.langistix.com just downloadit and read the firewall.sh script after unpacking it I really liked the way they do it all you do is tell the script the interface and then it determines the ip adress and it even checks for rfc1918 quite interesting! I borrowed their idea for mine. On Thu, 27 Jul 2000, Charles Price wrote:

Date: Thu, 27 Jul 2000 18:30:00 +0100 From: Charles Price To: suse security-listserv Subject: [suse-security] IPCHAINS and dynamic IP addresses

At the moment I just have a masquerading firewall but I'm hoping to add a shell script containing ipchains rules onto it soon. At the moment the script defines variables at the beginning and uses them later. ie.

#!/bin/sh

EXTERNAL_INTERFACE="eth0" IP_ADDR="192.168.1.20"

ipchains -A input $EXTERNAL_INTERFACE -s $IP_ADDR etc.etc.

Although there is a problem.

I've got a dynamically assigned IP address, so in theory I'd have to re-configure the script every time PPP was started. Is there and environment variable in BASH to do the job $IP_ADDR or something like that, but then how does it know which? eth0 or ppp0? I feel I'm going to have to write a more cunning piece of script for this one. Any ideas?

Kind Regards

Charles P.W. Price ------------------------------ charlie@iago.org.uk www.iago.org.uk

Noah ksemat@eahd.or.ug