Mailinglist Archive: opensuse (3236 mails)

[paulsen@xxxxxxxxx (Robert C. Paulsen, Jr.)]

Rogier Maas wrote:
> 
> Hi,
> 
> I have a SuSE 6.3 box running as a firewall at school. It has an ISDN
> dialup, and I protect it using ipchains. I've made a script that loads
> the rules, and everything works fine....
> 
> Until the IP number changes.
> 
> When the box dials in again, it gets a different IP number. The
> ipchains-rules however, remain on the other, obsolete address. How can I
> fix this? Now I have to make a choice. Either I resubmit the rules on
> the new IP, or I skip the firewalling stuff, thus letting others in...
> 
> Can anyone help me with this? Is there a script I can run *before* the
> dialing?
> 
> Thanks,
> 

Rogier,

Take a look at the new firewals package (yes, that's spelled right!)
in the sec group. There is an update on SuSE's web page. It is a
script called /sbin.init.d/firewall (and yes, this too is spelled
right!) that builds up a nice set of ipchains rules based on the
actual state of the networking, taking into acount dynamically
assigned IP addresses. It is controlled by a config file:

        /etc/rc.firewall

I run the script in /etc/ppp/ip-up.local and ip-down.local

____________________________________________________________________
Robert Paulsen                         http://paulsen.home.texas.net


-- 
To unsubscribe send e-mail to suse-linux-e-unsubscribe@xxxxxxxx
For additional commands send e-mail to suse-linux-e-help@xxxxxxxx             
Also check the FAQ at http://www.suse.com/Support/Doku/FAQ/