[WBEL-users] DHCP and firewall script
Greg Wildman
list@itns.co.za
Thu, 26 Aug 2004 17:05:44 +0200
Jean LEE said the following on 25/08/2004 17:40:
> Hello all,
>
> I am connected through the Internet via an ADSL connection and I have an Ethernet modem connected to eth1. I obtain an IP-adress dynamically via DHCP.
> Moreover, I am using a script (which implements a Firewall and masquerading with iptables) which detects automatically this dynamic IP-address but I have to run this script every time a new IP-adress is given to eth1.
>
> When do I have to launch this script ? only at startup or after too ?
> What is the DHCP client that WBEL uses?
> Where can I launch this script ? Does this DHCP-client as a startup file like /etc/ppp/ip-up for PPP connections
Put the following into /etc/ppp/ip-up.local. This file is executed
everytime ppp0 (any ppp device) is brought up. The script will run
/etc/firewall/saturn.fw everytime your ppp0 connection comes up. Change
to suit your needs.
#!/bin/bash
#
# handle the ADSL firewall
PATH=/sbin:/usr/sbin:/bin:/usr/bin
export PATH
REALDEVICE=$1
IPADDRESS=$4
GATEWAY=$5
LOGDEVICE=$6
if [ "$LOGDEVICE" == "ppp0" ]; then
## Bring up the firewall as dynamic IP's have changed.
if [ -x /etc/firewall/saturn.fw ]; then
/etc/firewall/saturn.fw
fi
fi
I also use the following in /etc/ppp/ip-down.local which just clears the
firewall when the ppp connection is dropped.
#!/bin/bash
#
# handle the ADSL routing tables. saturn.gjw.net - Greg, October 2003
PATH=/sbin:/usr/sbin:/bin:/usr/bin
export PATH
REALDEVICE=$1
IPADDRESS=$4
GATEWAY=$5
LOGDEVICE=$6
service iptables stop
--
Redmond, we have a problem.