* referring to own IP in filter rules
@ 2003-01-27 14:21 Stephen Isard
0 siblings, 0 replies; only message in thread
From: Stephen Isard @ 2003-01-27 14:21 UTC (permalink / raw)
To: linux-diald
Hello,
Is there a convenient way to refer to my machine's own IP address in
diald filter rules, where the address is assigned dynamically by my ISP
when I dial in?
I've been using diald for several years and it works fine. My problem
is that increasingly I find that the line is being kept up by attempted
connections from random sites. I take it these are hackers, or machines
that have been hijacked by hackers. As far as I can tell, my firewall
and tcp wrappers are successfully rejecting the connection attempts so
far, but diald is opening a connection set for them and giving it a
default timeout. What I'd like to do is write a rule saying something
like "ignore any packet addressed to a port number lower than 900 on my
machine", but the address of my machine is different each time I dial
up.
I can imagine writing an ip-up script that uses sed to rewrite the
standard.filter file after the link comes up and then sends a reset to
diald.ctl, but that sounds messy and error-prone and I'd rather write
standard.filter to say what I really mean in the first place, if there
is some way of doing it.
Thanks.
Stephen Isard
^ permalink raw reply [flat|nested] only message in thread
only message in thread, other threads:[~2003-01-27 14:21 UTC | newest]
Thread overview: (only message) (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2003-01-27 14:21 referring to own IP in filter rules Stephen Isard
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.