If you're using DHCP with IPFilter, then you should probably look into "finish scripts" for DHCP. This would allow you to run any script after a new lease is obtained...
-----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Amadeus Stevenson Sent: Thursday, December 16, 2004 10:51 AM To: Darren Reed Cc: Guido van Rooij; [EMAIL PROTECTED] Subject: Re: allow from 0/32 in ipf.conf for dhcp address? > > > pass out quick on rtk0 proto tcp from rtk0/32 to any port = 22 > > > keep state > > > > Does one need to ipf -y every time the address on rtk0 changes? > > At present, yes. Hmm, then this wouldn't be ideal for this situation. The DHCP leases is only 280 seconds, and I can't tell when it will change, so ipf -y isn't a solution. Thanks, Amadeus
