"����" wrote:
>
As for routing issues of firewal box involving dhcp, Mike has made a
good answer.
So, I will try another aspect; how to write rules involving dynamically
assigned
address by ISP.
If I understood your question, the answer is: you don't write such
address, since
you can't. Instead, the addresses are marked as "any" ("from any" for
outgoing packets
and "to any" for incoming packets), and you sort out flowing packets by
source/
destination ports and the "state" of packets (note "state" works well
only for tcp
packets). As you may notice, this practice works only when "any"
unambiguously
designates the external interface of the firewall box.
horio shoichi
> hi,all:
> There is a question involving the Firewall.As we know ,the Firewall should
>provide two ports:one is the wan port and the other is the lan port.Hence we bind the
> IP address to each of the port.
> It is just the static IP address.The question is : when we have a LAN,and each of
>the pc in the LAN gets its IP address from a DHCP server.How can I setup the IP
>address for the Firewall? And how can I setup the IP-Filter in the Firewall,since the
>pc's IP address is dynamic?
> thank you
>
>
> best regard.
>
> Genu
>
> _____________________________________________
> һ·�����㣬��һ��ҲԸ�⣡
> --Ϊ��ϲ����֧�ֵ�263�׶����ߣ�http://www.263.net��ͶһƱ��
> ��ҪͶƱ����http://fsurvey.cnnic.net.cn/survey/index.html��
> -
> [To unsubscribe, send mail to [EMAIL PROTECTED] with
> "unsubscribe firewalls" in the body of the message.]
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
