Hey all. I have a RH 9.0 box being used as a router for my house and my cable ISP uses DHCP to assign my front end address. Over the last few days, I've been building/digging and piecing bits of info together (NAT, ip_forward, ipchains, etc.) and have the thing working pretty well. I have 2 questions however.
1) As my front end IP is dynamically assigned, it can make it tough to maintain an accurate DNS entry. W/ Zoneedit, I'm able to do the following: wget -O - --http-user=username --http- passwd=password 'http://dynamic.zoneedit.com/auth/dynamic.html? host=www.mydomain.com' This will set the IP of the record to whatever machine is running the above command. The problem is I don't know where to put that so that when eth0 requests a new lease, it runs the above command. The man page for dhclient and dhcp.conf talks about "hooks". But this seems dangerously close to programming. Which I wouldn't be adverse to if I knew what the hell I was doing. Other research shows something about a dhcpcd.eth0 file existing in /etc. If it exists, the contents are executed as part of /sbin/ifcfg eth0 up (or similar command). However, the man pages for my version of dhclient don't mention a thing. I expect that this is a common enough occurance. And I'm sure I could put something in /etc/sysconfig or /etc/init.d or whatever. But I expect that someone has already thought about this and it's simply a matter of running a single command or putting the above command in a script that is already designed to handle this. It just currently doesn't seem to be obvious to me. 2) I'm very new to the whole iptables thing. I was able to set up ipmasq ok. Persistance paid off there. Couple of links from Google or Red Hat and reading through appropriate parts of the RH9 ref manual introduced me to '/sbin/service iptables save' (for the firewall rule) and the /etc/sysctl.conf file to turn on ip_forward. And walla (or viola for culters outside of Utah) it works. Except for my VPN Software. My company uses the Cisco VPN SW v 3.51. Which uses IPSec I believe. Can someone point me in the right direction on setting up an iptable rule to enable this from the inside out? Thanx in advace for taking the time to read this, Earl -- redhat-list mailing list unsubscribe mailto:[EMAIL PROTECTED] https://www.redhat.com/mailman/listinfo/redhat-list
