On Sun, 9 Sep 2001, J Barnes wrote:

I'm writing custom ip chains and am filtering out ip addresses that are not mine. the book i bought on ipchains specifys a static ip address for me in the chains but my internet provider gives me a dynamic ip address on my modem connection. How can I associate the dynamic address with the static address in my ip chains? Is there a better way? In most situations it is enough to specify the interface only (-i ppp0) and don't care about the ip.

hth Markus -- _____________________________ /"\ Markus Gaugusch ICQ 11374583 \ / ASCII Ribbon Campaign markus@gaugusch.dhs.org X Against HTML Mail / \

On Sun, 09 Sep 2001 16:16:38 -0500, J Barnes wrote:

Hi I'm writing custom ip chains and am filtering out ip addresses that are not mine. the book i bought on ipchains specifys a static ip address for me in the chains but my internet provider gives me a dynamic ip address on my modem connection. How can I associate the dynamic address with the static address in my ip chains? Is there a better way?

PLEASE HELP

You can call the ipchains script from the ip-up script which is executed after dialup. One of the parameters within ip-up is the IP address your ISP allocated for you. But you should remember to flash the chains before you add rules to them at dialup or when the link goes down, otherwise you might be unconsciously adding the rules again every time you dialin. Another way would be to use interfaces (e.g. -i ppp0) because you won't normaly have incoming traffic that comes from your own address on the outside interface (at least I never experienced that). To allow local (you machine only) traffic use -i lo to specify the loopback device as interface. Hope this helps. Regards, Martin Brecher --- fork (2) - New processes are created by other processes, just like new humans. New humans are created by other humans, of course, not by processes. (Unix System Administration Handbook)