Date: Fri, 16 Jun 2000 23:28:54 -0400 From: David Heller <dheller1@rochester.rr.com> To: The Clark Family <res03db2@gte.net>, freebsd-questions@freebsd.org Subject: Re: Updating ipfw at dhcp induced ip address change. Message-ID: <394AF076.3D7439C1@rochester.rr.com> References: <Pine.BSF.4.21.0006161851150.14076-100000@orthanc.dsl.gtei.net>
next in thread | previous in thread | raw e-mail | index | archive | help
The Clark Family wrote: > > I'm going to setup a (FreeBSD) 4.0R system to be my UADSL Firewall, > transparent accelerated webcache/proxy, webserver, imap server, > fetchmail, voicemai, etc. > > My question is; if I write my filter and natd rules to refer to fxp1 > instead of my dhcp assigned address, will dhcpd bump ipfw for me when/if > dhcp changes my address. > > (fxp1 is my outside interface). > > I'm also thinking that I'll hang squid and apache on the loopback > interface at non privileged ports. > > Any tips, clues, or info would be appreciated. > > Thanks, [RC] > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-questions" in the body of the message Hi: I have the same scenario and was not able to find a solution using Freebsd. However it is not hard with Linux(6.0) to set up a gateway machine. There is a package called pmfirewall that works pretty good. An old 486 with 2 nics will work quite well. All I know is if you configure a firewall with FreeBSD in the normal manner i.e.; firewall enabled in rc.conf and using "simple" or "client" firewall type. And your isp reboots there dhcp server your computer will cease to function altogether and you will HAVE to reboot. Another option is to find a version of dhclient which has an option to execute a script every time it is run. And have the script determine the ipaddress's dynamically another words put . . dhclient -c /etc/rc.myfirewall exit in rc.local And to find your ip: extip="`/sbin/ifconfig fxp1 | grep ' | awk '{print $2}' | sed -e 's/.*://`'" will return your outside ip and wherever it asks for outside ip address in your script put $extip instead. Remember to disable your firewall in rc.conf!!. Don't ask me how that command works I got it off a Linux Howto. Hope this helps Dave To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?394AF076.3D7439C1>