From owner-freebsd-questions  Mon Aug 28 23:45:38 2000
Delivered-To: freebsd-questions@freebsd.org
Received: from mailhost01.reflexnet.net (mailhost01.reflexnet.net [64.6.192.82])
	by hub.freebsd.org (Postfix) with ESMTP id BF4ED37B443
	for <freebsd-questions@freebsd.org>; Mon, 28 Aug 2000 23:45:35 -0700 (PDT)
Received: from 149.211.6.64.reflexcom.com ([64.6.211.149]) by mailhost01.reflexnet.net  with Microsoft SMTPSVC(5.5.1877.197.19);
	 Mon, 28 Aug 2000 23:44:32 -0700
Received: (from cjc@localhost)
	by 149.211.6.64.reflexcom.com (8.9.3/8.9.3) id XAA97830;
	Mon, 28 Aug 2000 23:45:16 -0700 (PDT)
	(envelope-from cjc)
Date: Mon, 28 Aug 2000 23:45:15 -0700
From: "Crist J . Clark" <cjclark@reflexnet.net>
To: Bruce Petro <bpetro@usa.com>
Cc: freebsd-questions <freebsd-questions@FreeBSD.ORG>
Subject: Re: ipfw setup when dhcp?
Message-ID: <20000828234515.F62475@149.211.6.64.reflexcom.com>
Reply-To: cjclark@alum.mit.edu
References: <384197957.967500064518.JavaMail.root@web302-mc.mail.com>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
X-Mailer: Mutt 1.0i
In-Reply-To: <384197957.967500064518.JavaMail.root@web302-mc.mail.com>; from bpetro@usa.com on Mon, Aug 28, 2000 at 06:01:04PM -0400
Sender: owner-freebsd-questions@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

[Could you add a newline from time to time? Your paragraphs are all on
one line.]

On Mon, Aug 28, 2000 at 06:01:04PM -0400, Bruce Petro wrote:
> Michael, thanks for the reply - yes, you have a good point, after I reviewed the contents of the rc.firewall that they had documented on http://www.mostgraveconcern.com/freebsd/ (The dual-homed host article - which is what I was going by), I see that the only use of the actual onet and omask and inet and imask was to perform the rules he titles: # Stop spoofing. (see details below). 
> 
> So, can anyone share is the #stop spoofing possible to do when you are under dhcp and not able to know ahead of time what your onet and omask are going to be?  I know inet and imask are static, and well, I guess you could assume the omask is pretty static, but still the onet address remains quite dynamic...
> 
> Any ideas?

I do,

  oip=`/sbin/ifconfig ${natd_interface} | /usr/bin/awk '/inet / { print $2 }'`
  oif=${natd_interface}
  obc=`/sbin/ifconfig ${natd_interface} | /usr/bin/awk '/inet / { print $6 }'`

To extract the interface and broadcast address. I didn't bother to
grab the mask, but it would be,

  omask=`/sbin/ifconfig ${natd_interface} | /usr/bin/awk '/inet / { print $4 }'`
-- 
Crist J. Clark                           cjclark@alum.mit.com


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message