Date: Thu, 28 Mar 2002 22:56:21 -0700 From: Samuel Chow <cyschow@shaw.ca> To: "James McNaughton" <jtm63@enteract.com> Cc: sysadmin@st-james-snrgirls.w-london.sch.uk, freebsd-questions@freebsd.org Subject: Re: Cable-modem, dynamic IP, NAT and IPFW Message-ID: <20020328225621.0d7847f5.cyschow@shaw.ca> In-Reply-To: <86zo0shulu.fsf@jamestown.21stcentury.net> References: <LPBBIGIAAKKEOEJOLEGOKEEFCMAA.barbish@a1poweruser.com> <001e01c1d672$0b46f520$0a00000a@stjames.net> <02b701c1d674$ffcd9ca0$2784412f@ca.nortel.com> <003d01c1d676$111728e0$0a00000a@stjames.net> <86zo0shulu.fsf@jamestown.21stcentury.net>
next in thread | previous in thread | raw e-mail | index | archive | help
On Thu, 28 Mar 2002 22:21:32 -0600 "James McNaughton" <jtm63@enteract.com> wrote: > I've found that when the lease expires on my IP address I just keep > getting the same one reassigned. So I've never developed strategy for > updating the firewall rules on the fly like that. You do realize that you can specify source and target address using the 'me' keyword. Also, you can specify the interface using the 'via' keyword. With these two keywords, you don't have to have any IP addresses in your ipfw rules. For example, ipfw add 1000 allow udp from me to any 53 out via rl0 ipfw add 1000 allow udp from any 53 to me in via rl0 --- Samuel Chow cyschow@shaw.ca Segmentation Fault (core dumped) This message is displayed using recycled electrons. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20020328225621.0d7847f5.cyschow>