Skip site navigation (1)Skip section navigation (2) 
Date:      Fri, 16 Jun 2000 23:28:54 -0400
From:      David Heller <dheller1@rochester.rr.com>
To:        The Clark Family <res03db2@gte.net>, freebsd-questions@freebsd.org
Subject:   Re: Updating ipfw at dhcp induced ip address change.
Message-ID:  <394AF076.3D7439C1@rochester.rr.com>
References:  <Pine.BSF.4.21.0006161851150.14076-100000@orthanc.dsl.gtei.net>
next in thread | previous in thread | raw e-mail | index | archive | help 
The Clark Family wrote:
> 
> I'm going to setup a (FreeBSD) 4.0R system to be my UADSL Firewall,
> transparent accelerated webcache/proxy, webserver, imap server,
> fetchmail, voicemai, etc.
> 
> My question is; if I write my filter and natd rules to refer to fxp1
> instead of my dhcp assigned address, will dhcpd bump ipfw for me when/if
> dhcp changes my address.
> 
> (fxp1 is my outside interface).
> 
> I'm also thinking that I'll hang squid and apache on the loopback
> interface at non privileged ports.
> 
> Any tips, clues, or info would be appreciated.
> 
> Thanks, [RC]
> 
> To Unsubscribe: send mail to majordomo@FreeBSD.org
> with "unsubscribe freebsd-questions" in the body of the message
 Hi:

I have the same scenario and was not able to find a solution using
Freebsd. However it is not hard with Linux(6.0) to set up a gateway
machine. There is a package called pmfirewall that works pretty good. An
old 486 with 2 nics will work quite well. All I know is if you configure
a firewall with FreeBSD in the normal manner i.e.; firewall enabled in
rc.conf
and using "simple" or "client" firewall type. And your isp reboots there
dhcp server your computer will cease to function altogether
and you will HAVE to reboot. Another option is to find a version of
dhclient which has an option to execute a script every time it is run.
And have the script determine the ipaddress's dynamically another words
put 
.
.
dhclient -c /etc/rc.myfirewall
exit

in rc.local
 And to find your ip: extip="`/sbin/ifconfig fxp1 | grep ' | awk '{print
$2}' | sed -e 's/.*://`'" will return your outside ip and wherever it
asks for outside ip address in your script put $extip instead. Remember
to disable your firewall in rc.conf!!. Don't ask me how that command
works I got it off a Linux Howto. Hope this helps

Dave


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?394AF076.3D7439C1>