You could apply your rule just to the incomming interface (e.g. "ipchains -A input -i eth1 -s 0/0 -p tcp -y -l -j DENY") Or, more elegantly, you could apply your rules from your ip-up script and fetch the ip address from ifconfig or dns or whatever: ip_addr=`ifconfig eth0 | grep "inet addr" | awk '{ print $2}' | awk -F : '{print $2}'` ... ipchains -A -s 0/0 -d $ip_addr 22 -p tcp -y -l -j ACCEPT ... regards, Stefan -----Ursprüngliche Nachricht----- Von: Eduard Meiler [mailto:edik@meiler.org] Gesendet: Mittwoch, 31. Oktober 2001 16:48 An: suse-security@suse.com Betreff: [suse-security] ipchains with dynamic IP Hallo, a simple question. I'm running Suse Linux 7.2 with DSL ans I use damon dsl, which is starting pppd with pppoe. Now the connection is fine. I would like to put in the dsl script the Ipchains rules. How I tell this rules the IP for eth1, which is a dynamic IP from the Provider ? regards eduard