Devin Rader <[EMAIL PROTECTED]> wrote:
> from the FREESCO manual...
>
> "The main disadvantage of FREESCO - it doesn't have dynamic routing feature,
> it can be only a static router"
>
> No good for a dialup dynamic IP? :)
>
> Devin
Ok, I suppose its time for me to tell about a little hack I had to do
while I'd lost my static IP (don't ask!).
I have a firewall setup script, rc.firewall, in /etc. its pretty big, so I'll
go put it on my web site in a few minutes after sending this:
http://www.inficad.com/~rustyc/firewall.html
(DON'T go there right now! It's not up yet!)
Notice that I've got this line 'extip=<blah>' in there. Well, all you
have to do to get this thing to work with dynamic ip addressing (I won't
guarantee its all you have to do to get EVERYTHING working with dynamic
addressing, and I strongly suggest you go read the references in that
file to other documentation! - and all other disclaimers apply! - you
get broken into its not my fault!) is to write a script (also provided
at the above URL) which takes the above file, with that extip line
changed to extip=FARBOO, and creates a real script with the current
ip address - then runs that script. In my case, I ran the thing
every 5 minutes from cron, just in case I got disconnected (and
yes, I did not bother figuring out how to do it right - this was
supposed to be a temporary hack (that ran for almost 2 weeks) - where
'right' means running it automatically when ppp came up).
Yikes. I must be a salesman.
Anyway, here's a copy of that script:
#!/bin/bash
newip=`/sbin/ifconfig ppp0 | /bin/egrep 'inet addr' | /bin/sed 's/inet addr://' |
/bin/awk
'{print $1}'`
#ifconfig ppp0 | /bin/egrep 'inet addr' | /bin/sed 's/inet addr://' | /bin/awk '{print
$1}'
if [ ".$newip" = "." ] ; then
echo oops - newip is blank again
exit -1
fi
oldip=`cat /tmp/current.ip`
if [ "$newip" == "$oldip" ] ; then exit 0 ; fi
echo $newip >> /etc/rc.d/init.d/iplog
/bin/sed "s/FARBOO/$newip/" /etc/rc.d/init.d/rc.fw.basehack > /tmp/rc.fw.hacko
echo $newip > /tmp/current.ip
chmod 700 /tmp/rc.fw.hacko
/sbin/ipchains -L -n -v -x
/tmp/rc.fw.hacko
echo $newip | elm [EMAIL PROTECTED]
----end of script---
Note that the last line is to send an email to me remotely so I know what
the new ip address is...
Note also that it tries to only run the fw.hacko script if the ip address
actually changes...
rc
Rusty Carruth Email: [EMAIL PROTECTED] or [EMAIL PROTECTED]
Voice: (480) 345-3621 SnailMail: Schlumberger ATE
FAX: (480) 345-8793 7855 S. River Parkway, Suite 116
Ham: N7IKQ @ 146.82+,pl 162.2 Tempe, AZ 85284-1825
ICBM: 33 20' 44"N 111 53' 47"W
