On Sun, Dec 24, 2000 at 02:12:12AM +0100, Carel Fellinger wrote: > The problem with this is that I don't have an IP until after my outgoing > interface is set-up:( I get my dynamic IP through dpcpc, so how can I > get out this catch-22?
Well if you need to know the IP address of that interface when you run the ruleset, then yes you are screwed until you know it. In that case what I would do is: 1) run a generic set of rules which denies everything on that interface, using a "pre-up" command in the interfaces file (note that you may have to make an exception to allow dhcp packets from your isp); 2) run another, final set of rules with an "up" command in interfaces. There may be better ways of doing this, but that will work. Come to think of it, another option would be to force dhcpcd to execute a script which does an "/etc/init.d/ipmasq restart" after any time that interface's IP changes. (I think dhcpcd can do this; I don't use it myself though... I am on dial-up. :( ) -- Jim B. [EMAIL PROTECTED]
