Automatically rewritting Firewall based on New DHCP Lease

Greetings to the group,
I am running RH7.3 and ADSL through rp-pppoe. At bootup, everything
comes up just fine. When my lease expires and PPPoE establishes a new IP,
my network doesn't get updated (iptables.network is not re-run).

1. I run a script called "iptables.network" which brings up my network
based on my assigned IP. This works fine, until my ISP assigns me a new IP.
If I re-run ""iptables.network", everything comes up.

2. In my ifup-ppp I added the reference to run iptables.network, but is
doesn't seem to recognize the new IP...
# check that xDSL connection
if [ "$TYPE" = "xDSL" ] ; then
if [ -x /sbin/adsl-start -o -x /usr/sbin/adsl-start ] ; then
/etc/init.d/iptableinit
adsl-start /etc/sysconfig/network-scripts/$CONFIG
/etc/sysconfig/iptables.network
exit $?
else
logger -p daemon.info -t ifup-ppp \
$"adsl-start does not exist or is not executable for
${DEVICE}"
exit 1
fi
fi

3. If I manually run "iptables.network" everything comes back up.

Did I put this in the wrong spot? Is pppd controlling the process when
rp-pppoe negotiates a new IP?

4. Perhaps there is an issue with how "iptables.network" looks up the IP:

EXTIP="`/sbin/ifconfig eth0 | /bin/grep 'inet addr' | /bin/awk '{print $2}'
| \
/bin/sed -e 's/.*://'`"

and it doesn't work until pppd completes it's action?

Thank you for your help

Sean

On Wed, 25 Feb 2004 03:43:35 GMT, Sean <(E-Mail Removed)> wrote:
> Greetings to the group,
> I am running RH7.3 and ADSL through rp-pppoe. At bootup, everything
> comes up just fine. When my lease expires and PPPoE establishes a new IP,
> my network doesn't get updated (iptables.network is not re-run).

PPPoE has no "lease" time (it is not DHCP which is different protocol).
Although, dynamic PPPoE typically gets a new IP whenever it connects or
reconnects.

Whenever ppp or pppoe gets an IP (whether connecting manually or on
demand) /etc/ppp/ip-up runs and is given your local IP along with other
parameters (see man pppd). So update your firewall from ip-up (or
ip-up.local). Note that ip-up runs a root, but has minimal environment,
so use full paths.

SuSE automatically sets it firewall to update from ip-up, and I also run
my dynamic DNS client from there, so it all works for dialup or adsl.

--
David Efflandt - All spam ignored http://www.de-srv.com/

On Wed, 25 Feb 2004 03:43:35 GMT, Sean <(E-Mail Removed)> wrote:
| Greetings to the group,
| I am running RH7.3 and ADSL through rp-pppoe. At bootup, everything
| comes up just fine. When my lease expires and PPPoE establishes a new IP,
| my network doesn't get updated (iptables.network is not re-run).
|
| 1. I run a script called "iptables.network" which brings up my network
| based on my assigned IP. This works fine, until my ISP assigns me a new IP.
| If I re-run ""iptables.network", everything comes up.


The trick is not to base the rules on the IP address, but on the Interface name.


--
Reverend Paul Colquhoun, ULC. http://andor.dropbear.id.au/~paulcol
Asking for technical help in newsgroups? Read this first:
http://catb.org/~esr/faqs/smart-questions.html#intro

Sean wrote:

> Greetings to the group,
> I am running RH7.3 and ADSL through rp-pppoe. At bootup, everything
> comes up just fine. When my lease expires and PPPoE establishes a new IP,
> my network doesn't get updated (iptables.network is not re-run).
>

Why are you filtering on IP? You should be able specify only the interface.

--

Fundamentalism is fundamentally wrong.

To reply to this message, replace everything to the left of "@" with
james.knott.