> >
> > e.g. ipchains -i $INTERFACE ...etc
> >
> > and at the start of the script you define INTERFACE=ifconfig | grep 'inet
> > addr' | awk '{print $2}' | sed 's/ ...etc
> >
> > this will fail because it is not ifup ppp0 yet.
> >
>
> I still don't see the problem. If you want to block services to the
> outside world, just put DENY as a default and insert - not append! - a
> rule in order to accept them for the internal IP network, which you
> already know the addresses of even before you ifup the interface.
>
> This is what I do @home, my firewalling rules are loaded at boot time
> and I've never had any problem with this setup.
Yes i know, but sometimes i need to do things like this:
ipchains -A input -i INTERFACE -p udp -d $EXT_IP $PORT -j DENY -l
INTERFACE annd EXT_IP must be got through some method via ifconfig |
grep ...
so if ppp0 is not up then this will fail.
>
> --
> fg
>
> "You can tune a filesystem but you can't tuna fish" (HP/UX' fsck manpage)
--
#include <ce_sucks.h>
#include <signal.h>
#include <sys/types.h>
#include <name.h>
#include <stdio.h>
int main(){(!ce_pass(GEOFF)) ? kill(getpid(),SIGKILL) :
printf("phew\n");}
//Geoff.
