Tom Atwater wrote: <snip>
There is a newer Dachstein-PPPoE package available here: http://leaf.sourceforge.net/devel/khadley/ >The current problem I have is this: >When Earthlink updates the dynamic IP, >the LRP box does not update the port forwarding >"from" address with the new dynamic IP. > That's wierd. That means that the firewall rules aren't reloaded (or there is a bug in the firewall scripts). > >So the web and ssh servers are no longer accessible >from the outside. > >If I reboot the LRP box, everything is fine, >but that is a manual process, and naturally >I want it to be automatic. > > >I know what the LRP commands are to update the >"from" IP for port forwarding: > ># Get new dynamic IP >EXT_IP=`/sbin/ip addr show dev ppp0 | grep inet | cut -f2 -d' '` > ># Clear old port fwd entries >/usr/sbin/ipmasqadm portfw -f > ># Add entries with new dynamic IP >/usr/sbin/ipmasqadm portfw -n -a -P tcp -L <dynamic_ip> 22 192.168.1.200 22 >/usr/sbin/ipmasqadm portfw -n -a -P tcp -L <dynamic_ip> 80 192.168.1.200 80 > If you use the Eigerstein builtin firewall you should reload/restart the firewall like this: svi network ipfilter reload The firewall scripts should read the ip-address from the external interface (if properly configured) and adjust the portforwarding accordingly. Tell me if it doesn't work. > >The LRP box does not have crontab, ssh, or telnet on it, >so I seemingly can't run a cron job or >update it from the internal Linux box. > You can edit /etc/crontab; /etc/cron.daily; /etc/cron.hourly or /etc/cron.monthly directly. So it is possible to add a cronjob. If you want remote access (and have enough disk-space left) you can install either Jacques Nilo's OpenSSH packages or my lsh packages (http://leaf.sourceforge.net/devel/jnilo/ and http://leaf.sourceforge.net/devel/ewaldw/ respectively). > >I tried to add these commands to the Roaring Penguin adsl-connect >script that runs when Earthlink changes the dynamic IP, >but it didn't work. > Try adding the "svi network ipfilter reload" instead and see if that works. > >Anyone have any ideas how I can do this? > I do! :-) Hope this helps, Ewald Wasscher _______________________________________________ Leaf-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user
