On Tue, 13 Jul 1999, Stephen Hocking-Senior Programmer PGS Tensor Perth wrote:
> I was checking out the firewall setup in /etc/rc.firewall, and noticed that > the simple example relied on a fixed IP address for the external interface. I > don't know ahead of time what IP address is going to be allocated to me > before > I dial up. Would it be possible to specify an interface (tun0) rather than an > IP address? You could probably do it from /etc/ppp/ppp.linkup, which knows your IP address as MYADDR. But if you just have asingle machine on the end of the dialup then I find I can get away with just specifying the netmask from which the dialup IPs are assigned in place of a single address - all that can happen is that packets get through your firewall destined to a nonexistent address (i.e. if you allow incoming port Y traffic then people can send to port Y on nonexistent IP addresses (i.e. your peer addresses) which will be dropped by the kernel). Kris ----- "Never criticize anybody until you have walked a mile in their shoes, because by that time you will be a mile away and have their shoes." -- Unknown To Unsubscribe: send mail to majord...@freebsd.org with "unsubscribe freebsd-hackers" in the body of the message