"Geoffrey Lee" <[EMAIL PROTECTED]> writes:
>
>
> no francis, the pb is not with the "not" (!) modifier. the pb is when you
> try to get the IP for use with iPchains
>
>
> e.g. ipchains -i $INTERFACE ...etc
>
> and at the start of the script you define INTERFACE=ifconfig | grep 'inet
> addr' | awk '{print $2}' | sed 's/ ...etc
>
> this will fail because it is not ifup ppp0 yet.
>
I still don't see the problem. If you want to block services to the
outside world, just put DENY as a default and insert - not append! - a
rule in order to accept them for the internal IP network, which you
already know the addresses of even before you ifup the interface.
This is what I do @home, my firewalling rules are loaded at boot time
and I've never had any problem with this setup.
--
fg
"You can tune a filesystem but you can't tuna fish" (HP/UX' fsck manpage)
