Date: Tue, 2 Nov 2004 21:54:14 +0100
From: Hexren
To: lreid@a.cs.okstate.edu
cc: freebsd-questions@freebsd.org
Subject: Re: ipfw/dhclient conundrum
Message-ID: <19519311879.20041102215414@hexren.net>
In-Reply-To: <20041102184616.880BDA0686@csa.cs.okstate.edu>

lacoe> I have a circular conundrum involving the sequence of boot events that
lacoe> I'm trying to solve, and I'd like to know if any other users have
lacoe> found a solution to this, or what some suggestions may be.

>I have is this: /etc/rc.d/ipfw needs to be run after
>/etc/rc.d/dhclient. This is due to the fact that I do not have a static
>IP lease, and my firewall script determines the external interface's ip
>address with ifconfig.
>However, if /etc/rc.d/dhclient runs before
>/etc/rc.d/ipfw, with the firewall at default-to-deny and no rules added
>to pass dhcp autoconfigure traffic, dhclient cannot acquire a lease. But
>to run the firewall script, dhclient needs to have acquired a lease so
>the rules make sense. But to run dhclient, ipfw needs to have run... et
>cetera ad nauseam.

---------------------------------------------

Maybe I am not seeing something obvious, then please say so, but could you tell me for what exactly you need an acquired lease before running the ipfw script?

You've thought about making your firewall rules with something like:

"add allow ip from any to any [attention]via interface[endattention]"

Greetz
Hexren
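An added example, not part of the original thread: a firewall script whose rules name only the interface, so it can load before dhclient has a lease and still pass the DHCP exchange. It goes beyond the one-line suggestion above by using ipfw's `me` keyword, which matches the host's addresses when a packet is checked; the interface `em0`, the rule numbers, and the names `build_rules`, `load_rules`, `OIF` and `APPLY` are assumptions.

```shell
#!/bin/sh
# Added example: ipfw rules keyed on the interface name, not the leased address.
# Assumptions: em0 is a hypothetical external interface; rule numbers are arbitrary.

# Emit rule bodies (arguments to ipfw(8)) for the external interface $1.
build_rules() {
    oif=$1
    # Accept only a plain lowercase interface name before it reaches ipfw.
    case $oif in
        ''|*[!a-z0-9]*) echo "bad interface name: $oif" >&2; return 1 ;;
    esac
    cat <<EOF
add 100 allow ip from any to any via lo0
add 200 allow udp from any 68 to any 67 out via $oif
add 210 allow udp from any 67 to any 68 in via $oif
add 300 check-state
add 310 allow tcp from me to any out via $oif setup keep-state
add 320 allow udp from me to any out via $oif keep-state
add 65000 deny ip from any to any
EOF
}

# Print the commands by default; load them into the kernel only when APPLY=1.
load_rules() {
    rules=$(build_rules "$1") || return 1
    echo "$rules" | while read -r rule; do
        if [ "${APPLY:-0}" = 1 ]; then
            ipfw -q $rule    # unquoted on purpose: one word per ipfw argument
        else
            echo "ipfw -q $rule"
        fi
    done
}

load_rules "${OIF:-em0}"
```

Rules 200 and 210 pass the DHCP client and server ports on the interface before any address exists, and `me` is resolved per packet, so nothing has to be reloaded when the lease changes.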