On Wed, 2002-07-31 at 12:06, Ashley M. Kirchner wrote: > > The NAT part of my /etc/sysconfig/iptables file currently looks like this: > > # Generated by iptables-save v1.2.5 on Sat Jul 6 21:48:37 2002 > *nat > :PREROUTING ACCEPT [180:25435] > :POSTROUTING ACCEPT [21:1455] > :OUTPUT ACCEPT [21:1455] > -A POSTROUTING -s 10.1.2.0/255.255.255.0 -d ! 10.1.2.0/255.255.255.0 \ > -j SNAT --to-source xxx.xxx.xxx.xxx > COMMIT > # Completed on Sat Jul 6 21:48:37 2002 > > xxx.xxx.xxx.xxx is my cable modem's IP address, however because it's on a DHCP >network, that IP changes occasionally. How can I make iptables automatically figure >out what the IP is without me hardcoding it into that file?
I took a somewhat heavy handed approach to this. I modified the iptables script in /etc/init.d to check for the existence of a shell script I wrote to set the rules, and if it exists, run that rather than applying the saved rules. Please note that modifications such as this will more than likely get lost the next time you upgrade. It is also susceptible to updates like initscripts. In the script I wrote, I include things like /etc/sysconfig/network and /etc/dhcpc/dhcpcd-eth1.info. As you can see, I use dhcpcd. If you use pump, there will be a different file. The dhcpcd-eth1.info file has a line in it that sets IPADDR=xxx.xxx.xxx.xxx so by including it in my script, I can substitute $IPADDR for the hard-coded address. Linus -- redhat-list mailing list Unsubscribe mailto:[EMAIL PROTECTED]?subject=unsubscribe https://listman.redhat.com/mailman/listinfo/redhat-list