I'm posting it here, since Don seems to have missed this one .. Hi Don, You've always been so helpful... thanks ! I am new to the Linux world ..but am learning a little bit more everyday . Don, would it be possible for you to send me your ipchains script with stepwise instructions on implementing a pppd persistent setup ( with ip-up.local and ip-down.local instructions ) Thanks so very much Anurag ----- At 09:07 AM 6/14/00 -0700, you wrote:
On Wed, 14 Jun 2000, anurag jalan wrote:
Hi all,
I use my SuSe 6.4 box as a Firewall & a Gateway ( using a Zyxel ISDN TA ). I am *trying* to get the wvdial.dod script ( from the SuSe support database ) to launch pppd on demand from the nodes.
How do I get wvdial.dod ( or any other script ) to launch my ipchains.rules *just* before pppd is launched ?
I believe this would be less than ideal, since the ipchains rules could not refer to the nonexistent connection that will soon be created by pppd.
Right now, I have to manually run the ipchains.rules script *after* the machine reboots :-( and also run wvdial manually..
To run your ipchains rules automatically *after* the ppp connection is created, consider putting them in /etc/ppp/ip-up.local. The script will get, as a free benefit, six or seven potentially useful parameters, such as the ip address of the newly created port.
To run them more securely (so you don't get any stray packets in the fraction of a second before they finish loading) you can start the input chain for ppp0 with a rule to block all traffic, and later delete that particular rule.
Note: if you run pppd persistent, ip-up and ip-up.local are run on each occasion when a connection is opened - because the IP address may have changed.
In my setup, I have pppd persistent. The script that launches it also (immediately afterward) launches a script that sets a bunch of firewall rules. ip-up.local and ip-down.local essentially turn the firewall on and off, so they are very short.
-- To unsubscribe send e-mail to suse-linux-e-unsubscribe@suse.com For additional commands send e-mail to suse-linux-e-help@suse.com
Also check the FAQ at http://www.suse.com/Support/Doku/FAQ/
-- To unsubscribe send e-mail to suse-linux-e-unsubscribe@suse.com For additional commands send e-mail to suse-linux-e-help@suse.com Also check the FAQ at http://www.suse.com/Support/Doku/FAQ/