Re: configure firewall in etch

2009-03-29 Thread Michelle Konzack 
I assume DOT CU stands for CUBA and I know, Cuba is a little bit behind,
but if you are using "Debian GNU/Linux", correct  first  your  computers
TIME!

Thanks, Greetings and nice Day/Evening
Michelle Konzack
Systemadministrator
24V Electronic Engineer
Tamay Dogan Network
Debian GNU/Linux Consultant

-- 
Linux-User #280138 with the Linux Counter, http://counter.li.org/
# Debian GNU/Linux Consultant #
 Michelle Konzack
   Apt. 917
   50, rue de Soultz
Jabber linux4miche...@jabber.ccc.de   67100 Strasbourg/France
IRC #Debian (irc.icq.com) Tel. DE: +49 177 9351947
ICQ #328449886Tel. FR: +33  6  61925193


signature.pgp
Description: Digital signature

Re: configure firewall in etch

2009-03-29 Thread Michelle Konzack 
What about configuring first your computers TIME?


Thanks, Greetings and nice Day/Evening
Michelle Konzack
Systemadministrator
24V Electronic Engineer
Tamay Dogan Network
Debian GNU/Linux Consultant

-- 
Linux-User #280138 with the Linux Counter, http://counter.li.org/
# Debian GNU/Linux Consultant #
 Michelle Konzack
   Apt. 917
   50, rue de Soultz
Jabber linux4miche...@jabber.ccc.de   67100 Strasbourg/France
IRC #Debian (irc.icq.com) Tel. DE: +49 177 9351947
ICQ #328449886Tel. FR: +33  6  61925193


signature.pgp
Description: Digital signature

Re: configure firewall in etch

2009-03-25 Thread Tapani Tarvainen 
On Wed, Mar 25, 2009 at 11:10:01PM -0600, Dan Schaper (dscha...@ganymeade.com) 
wrote:

> #!/bin/bash
> ip=`ifconfig $1 | grep "inet addr" | awk '{print $2}' | tr -d addr:`
> echo Your ip on $1 is $ip

Not that it really matters, but you don't need grep and tr:

ip=`ifconfig $1 | awk '/inet addr/{sub(/addr:/,""); print $2}'`

or even shorter

ip=`ifconfig $1 | awk -F'[: ]+' '/inet addr:/{print $4}'`

and unless you need the ip in a variable for other purposes, you can
do away with the echo as well:

ifconfig $1 | awk  -F'[: ]+' '/inet addr:/{print "your ip on '$1' is "$4}'

Also, it might be prudent to use full path for ifconfig,
i.e. /sbin/ifconfig, as /sbin may not be in $PATH.

-- 
Tapani Tarvainen


-- 
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Re: configure firewall in etch

2009-03-25 Thread Dan Schaper 
Alex wrote:
> It's no need to send one e-mail multiple times, and please set your
> system date and time acordingly
> You can find out your ip address using a script like  this
>
> #!/bin/bash
> ip=`ifconfig ethX | grep "inet addr" | awk '{print $2}' | tr -d addr:`
> echo Your ip on ethX is $ip
>
> where X is the number of your ethernet interface that you want to find
> out its ip
>   
Just a little update on that script, to allow for non eth interfaces...

#!/bin/bash
ip=`ifconfig $1 | grep "inet addr" | awk '{print $2}' | tr -d addr:`
echo Your ip on $1 is $ip

This should allow for passing the interface, i.e. ./findip.sh eth0  or
if this is on a DHCP assigned address like a PPPoE, ./findh.sh ppp0.
I'm going to add it to my post-update script for my ppp0 interface to
update some routing tables, and to kludge in some DDNS entries...

Re: configure firewall in etch

2009-03-25 Thread Alex 
leo wrote:
> On Mon, 2001-12-31 at 10:52 -0700, leo wrote:
>   
>> On Mon, 2001-12-31 at 10:33 -0700, leo wrote:
>> 
>>> hello,
>>>
>>> is there any problem configuring a firewall in an dhcp client machine
>>> when an IP address change every time I reboot. In the firewall rules I
>>> denied (DROP) all incoming and OUTCOMING packet messages and after that
>>> this line:
>>>
>>> iptables -A INPUT -s 192.168.16.118 -j ACCEPT
>>> iptables -A OUTPUT -d 192.168.16.118 -j ACCEPT
>>>
>>> lets my IP address can do anything although in the next reboot this IP
>>> changes so that line will not be valid anymore
>>>
>>> my idea to fix this is copying this IP to an enviroment variable (with
>>> export command?) to use it in my firewall rules script taking it's value
>>> for example: 
>>>
>>> iptables -A INPUT -s $myIP -j ACCEPT
>>> iptables -A OUTPUT -d $myIP -j ACCEPT
>>>
>>> the part I don't know is how can I copy the IP address from boot
>>>
>>>
>>>   
>> 
>
>
>   
It's no need to send one e-mail multiple times, and please set your
system date and time acordingly
You can find out your ip address using a script like  this

#!/bin/bash
ip=`ifconfig ethX | grep "inet addr" | awk '{print $2}' | tr -d addr:`
echo Your ip on ethX is $ip

where X is the number of your ethernet interface that you want to find
out its ip


-- 
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

configure firewall in etch

2009-03-25 Thread leo 
On Mon, 2001-12-31 at 10:52 -0700, leo wrote:
> On Mon, 2001-12-31 at 10:33 -0700, leo wrote:
> > hello,
> > 
> > is there any problem configuring a firewall in an dhcp client machine
> > when an IP address change every time I reboot. In the firewall rules I
> > denied (DROP) all incoming and OUTCOMING packet messages and after that
> > this line:
> > 
> > iptables -A INPUT -s 192.168.16.118 -j ACCEPT
> > iptables -A OUTPUT -d 192.168.16.118 -j ACCEPT
> > 
> > lets my IP address can do anything although in the next reboot this IP
> > changes so that line will not be valid anymore
> > 
> > my idea to fix this is copying this IP to an enviroment variable (with
> > export command?) to use it in my firewall rules script taking it's value
> > for example: 
> > 
> > iptables -A INPUT -s $myIP -j ACCEPT
> > iptables -A OUTPUT -d $myIP -j ACCEPT
> > 
> > the part I don't know is how can I copy the IP address from boot
> > 
> > 
> 
> 


-- 
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

configure firewall in etch

2009-03-25 Thread leo 
hello,

is there any problem configuring a firewall in an dhcp client machine
when an IP address change every time I reboot. In the firewall rules I
denied (DROP) all incoming and OUTCOMING packet messages and after that
this line:

iptables -A INPUT -s 192.168.16.118 -j ACCEPT
iptables -A OUTPUT -d 192.168.16.118 -j ACCEPT

lets my IP address can do anything although in the next reboot this IP
changes so that line will not be valid anymore

my idea to fix this is copying this IP to an enviroment variable (with
export command?) to use it in my firewall rules script taking it's value
for example: 

iptables -A INPUT -s $myIP -j ACCEPT
iptables -A OUTPUT -d $myIP -j ACCEPT

the part I don't know is how can I copy the IP address from boot


-- 
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org