I'm hiding a small apartment network behind a potato box running IP masquerading. This all works fine for the most part; I use dhclient and the ipmasq package, and everything just works.

This morning, I couldn't reach the outside world. Some poking around revealed that I couldn't even reach the machine my firewall believed was its gateway. I restarted dhclient, and got a completely new IP address on a different network. (I assume this is a mistake on the part of my provider: my understanding is that a DHCP lease should be valid for the entire length of the lease, and breaking things under me is Just Wrong.)

Even after this, though, things still didn't work; looking at my syslogs suggested that I might need to reinitialize the firewall rules (which blocked outgoing packets not on the local network or from the gateway's public IP), and in fact running /etc/init.d/ipmasq restart got things running again.

I can take it as a fact of life that I'll occasionally be renumbered; I can deal with this. I guess my question is this: is the ipmasq package clueful enough to recognize when this happens, and tweak the firewall rules appropriately? (Experience this morning suggests not.) Failing this, is there a good way to put some sort of appropriate hook into dhclient to make the right thing happen?

TIA...

--
David Maze [EMAIL PROTECTED] http://www.mit.edu/~dmaze/
"Theoretical politics is interesting. Politicking should be illegal."
        -- Abra Mitchell
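An added example, not part of the original post: one way to write the kind of dhclient hook the question asks about, as a fragment that dhclient-script sources from /etc/dhclient-exit-hooks (the path documented in dhclient-script(8)). The function names and the FW_RESTART_CMD variable are hypothetical; the restart command defaults to the one quoted in the post.

```shell
# Added example (not from the original post). Sourced by dhclient-script,
# which sets $reason, $old_ip_address and $new_ip_address before calling us.
# Because the file is sourced, it must never call "exit".

# Hypothetical override knob; the default is the command from the post.
: "${FW_RESTART_CMD:=/etc/init.d/ipmasq restart}"

# needs_fw_reload REASON OLD_IP NEW_IP
# Succeeds only when the client holds an address that differs from the one
# the firewall rules were built for. On BOUND the old address is empty, so
# a fresh lease always counts as a change. A plain RENEW of the same address
# does not, which avoids flushing the masquerading rules on every renewal.
needs_fw_reload() {
    case "$1" in
        BOUND|RENEW|REBIND|REBOOT)
            [ -n "$3" ] && [ "$2" != "$3" ]
            ;;
        *)
            # EXPIRE, FAIL, RELEASE, etc.: no usable new address, keep the
            # existing (restrictive) rules in place.
            return 1
            ;;
    esac
}

# on_dhcp_event REASON OLD_IP NEW_IP
# Logs the renumbering and rebuilds the rules when needs_fw_reload says so.
on_dhcp_event() {
    if needs_fw_reload "$1" "$2" "$3"; then
        # logger may be missing on minimal systems; never fail because of it.
        logger -t dhclient-hook \
            "address ${2:-none} -> $3 ($1); reloading firewall" \
            2>/dev/null || true
        $FW_RESTART_CMD
    fi
}

# Run only when dhclient-script has provided a reason.
if [ -n "${reason:-}" ]; then
    on_dhcp_event "$reason" "${old_ip_address:-}" "${new_ip_address:-}"
fi
```

The syslog line written on each reload gives a record of when the provider renumbered the connection, which helps when correlating later outages with address changes.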