On Tue, 2003-09-30 at 15:59, [EMAIL PROTECTED] wrote: > Hey all. > > I have a RH 9.0 box being used as a router for my house and my cable ISP uses > DHCP to assign my front end address. Over the last few days, I've been > building/digging and piecing bits of info together (NAT, ip_forward, ipchains, > etc.) and have the thing working pretty well. I have 2 questions however. > > 1) As my front end IP is dynamically assigned, it can make it tough to maintain > an accurate DNS entry. W/ Zoneedit, I'm able to do the following: > > wget -O - --http-user=username --http- > passwd=password 'http://dynamic.zoneedit.com/auth/dynamic.html? > host=www.mydomain.com' > > This will set the IP of the record to whatever machine is running the above > command. The problem is I don't know where to put that so that when eth0 > requests a new lease, it runs the above command. The man page for dhclient and > dhcp.conf talks about "hooks". But this seems dangerously close to > programming. Which I wouldn't be adverse to if I knew what the hell I was > doing. Other research shows something about a dhcpcd.eth0 file existing > in /etc. If it exists, the contents are executed as part of /sbin/ifcfg eth0 > up (or similar command). However, the man pages for my version of dhclient > don't mention a thing. I expect that this is a common enough occurance. And > I'm sure I could put something in /etc/sysconfig or /etc/init.d or whatever. > But I expect that someone has already thought about this and it's simply a > matter of running a single command or putting the above command in a script > that is already designed to handle this. It just currently doesn't seem to be > obvious to me. > If your on a comcast cable modem. Leave ping available to the DHCP server. If you block it, you'll loose your IP when your lease is up. If your machine is up and running when your lease expires, and the dhcp server can ping your device, you'll keep your current IP address.
As for creating hooks. I took a look around, and only really found info on Debian and *BSD. If your willing to learn some shell scripting, or do some serious digging on google, you'll find it. I'd just put your command line statment in a shell script, and add a line at the end of ifup to execute it if the interface is correct. Mind you, this will work, but is far from the correct way to do things. > 2) I'm very new to the whole iptables thing. I was able to set up ipmasq ok. > Persistance paid off there. Couple of links from Google or Red Hat and reading > through appropriate parts of the RH9 ref manual introduced me to '/sbin/service > iptables save' (for the firewall rule) and the /etc/sysctl.conf file to turn on > ip_forward. And walla (or viola for culters outside of Utah) it works. Except > for my VPN Software. My company uses the Cisco VPN SW v 3.51. Which uses > IPSec I believe. Can someone point me in the right direction on setting up an > iptable rule to enable this from the inside out? > > Thanx in advace for taking the time to read this, > Earl -- Michael Gargiullo <[EMAIL PROTECTED]> Warp Drive Networks -- redhat-list mailing list unsubscribe mailto:[EMAIL PROTECTED] https://www.redhat.com/mailman/listinfo/redhat-list
