-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 On 03/17/2017 09:40 AM, [email protected] wrote: >> So it should be fairly easy to put a command in there that's >> going to read your IP in from another file and set a variable you >> can use in the rules file. Not done it myself, but it should >> work. > > I'm having a chicken & egg problem. > > Easy enough to have ddclient on my router populate > > /etc/MY_CURRENT_IP > > with the IP result, then restart shorewall. > > with > > MY_SW_EXT_IP=$(cat /etc/MY_CURRENT_IP) shorewall-lite restart > > if 'params' has something like > > [ -n "${MY_SW_EXT_IP:=127.0.0.1}" ] > > , if I'm reading > > http://shorewall.net/configuration_file_basics.htm > > right. > > But I've set this up so that I edit & compile my shorewall config > on my desktop, then push to the remote box that's running the > firewall. > > sh shorewall remote-reload -c -s ${MY_FIREWALL} > > That doesn't seem to be grabbing the > > /etc/MY_CURRENT_IP > > right at compile+push, until after I restart the firewall again. > > Not sure how to make sure that it grabs that remote RUNTIME value > correctly while making sure that compile-time doesn't complain > about the local value being undefined. >
Please see http://www.shorewall.org/configuration_file_basics.htm#AddressVariables - -Tom - -- Tom Eastep \ Q: What do you get when you cross a mobster with Shoreline, \ an international standard? Washington, USA \ A: Someone who makes you an offer you can't http://shorewall.net \________________________________________________ -----BEGIN PGP SIGNATURE----- Version: GnuPG v2 Comment: GPGTools - http://gpgtools.org iQIcBAEBCAAGBQJYzBNrAAoJEJbms/JCOk0QYFsP/jKbaPaVBRQh2uzKgHO4qHWj paIUbhZSu1eDe8SBC8J2O3cyHilv5VbqQT70EwKRvZA5ygxJqiD0e5sTle9Sz660 cd8soKZHnkNQRD93Woxh3MHxDRExhTnaKBiVqV+PVpTgrRvvyjxgCV/IqH1PXt/O ldAX4RInbpek69xxZYU5vYoVyimGlkR+j4u1zou/bAMYfBlqsmr4/J/sUFAes+YG SlS8dNAgiuws5iyiXqpIJD1bZ1f+JhkUxsAEZJhaKVkFv+MFYxIArHH3H67aKPfu 6lBgx6nfFdXIC2LbnbCAX0apG63l4Ey2d8w/ldcxm+SNqFYt28MpbfQUV96N+6kw UZloK20+IJj67gDLzh4p6JqoO36GrBP4yNk2rj2teb0qbg61GqWwkWKChYYbkP/z OFPSi1GOdzxxZKBjOl9jgLB1C9N6YsU6a96o/l/Zgj4qgIPPnfVbIX5jXMHLF/Ta 12xW3Tx2ZfTgcEQcRzoxTze/dMJ1lA4VcTRf8LovhoMz3FE0J9xXf9C/v1kZ5dbV OhHLvFyC2xz9VzBacmCnT4YRC7O44FgUWXge6OWnvs1bh6eUp01krq2TUXVCNdR3 C117PEkKitl7PGbf5yaTM2Q+1Y1PSYZPOdPDWgxbXNJweRCZGY4cDK4t54fZcUZt mdxaESgPQTDtqJzQAYAU =2nA2 -----END PGP SIGNATURE----- ------------------------------------------------------------------------------ Check out the vibrant tech community on one of the world's most engaging tech sites, Slashdot.org! http://sdm.link/slashdot _______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
