Re: static IP to dynamic IP - Jason Opperisano

All of lore.kernel.org
 help / color / mirror / Atom feed

From: Jason Opperisano <opie@817west.com>
To: netfilter@lists.netfilter.org
Subject: Re: static IP to dynamic IP
Date: Fri, 15 Oct 2004 14:55:51 -0400	[thread overview]
Message-ID: <20041015185551.GA7745@bender.817west.com> (raw)
In-Reply-To: <20041015184106.39028.qmail@web21526.mail.yahoo.com>

On Fri, Oct 15, 2004 at 11:41:06AM -0700, kate wrote:
> 1. yes I have ipt_MASQUERADE loaded.
> 2. my logic was to substitute any static_ip refernce
> with -i eth0, but you're saying that doesn't work.

no--it doesn't work.  might be a nice feature request...but alas at the
current state of technology--no dice.

> Would refernce to the box eg. myfw.mydomain.com work
> instead of ip_static ?

nope--same problem, essentially.  when you use an FQDN in a rule--it is
resolved to an IP address once, at the time the rule is loaded.

> Your neat script, where would I place that in my fw
> script? at the top? Does it need anything else to make
> it work?

it's really just a variable declaration, but yeah--at the top would be a
good place for it.

once you have a script that can figure out your IP addresses for you at
the time of execution--the only other piece you need is to reload your
rules each time your IP address changes--the man page of your particular
DHCP client should have details on how to execute a script on IP
change.

this also isn't as big a deal in practice as it may seem--my firewall on
my cable modem at my house has had the same IP address since 11-27-2003
(the day i upgraded it).

> you can see that I am new at this!

s'alright--that's what these lists are for.  a good read for newbies is
the IPTables Tutorial, located at:

http://iptables-tutorial.frozentux.net/iptables-tutorial.html

-j

-- 
Jason Opperisano <opie@817west.com>

next prev parent reply	other threads:[~2004-10-15 18:55 UTC|newest]

Thread overview: 7+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2004-10-15 17:44 static IP to dynamic IP kate
2004-10-15 18:14 ` kate
2004-10-15 18:21   ` Rob Sterenborg
2004-10-15 18:22 ` Jason Opperisano
2004-10-15 18:41   ` kate
2004-10-15 18:55     ` Jason Opperisano [this message]
2004-10-15 19:17       ` kate

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20041015185551.GA7745@bender.817west.com \
    --to=opie@817west.com \
    --cc=netfilter@lists.netfilter.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.