firewall question

[Pete Nesbitt]

On June 13, 2004 01:20 am, hanfamily at earthlink.net wrote:
> I bought a book on Linux firewalls and am working my way through
> it. Unfortunately the examples are all written for someone with
> a static IP address. I use dialup so my address changes each
> time I log on. In their example for outgoing mail they
> have
> iptables -A OUTPUT -o $INTERNET -p tcp \
>          -s $IPADDR --sport $UNPRIVPORTS \
>          -d $SMTP_GATEWAY --dport 25 -m state --state NEW -j ACCEPT
> Since my public ipaddr will change each time I log on would I just
> use --sport $UNPRIVPORTS
> also since earthlink only gives names not address for their smtp mail
> server would I drop the reference to SMTP_GATEWAY and just use
> --dport 25 -m state --state NEW -j ACCEPT
> I really appreciate all the help.
>              Linda
Hi Linda,
If you need to extract your IP address, run something linke this:
EXT_IP="`ifconfig $EXT_IF | grep inet | cut -d : -f 2 | cut -d \  -f 1`"

You can test it as a command:
ifconfig eth0 | grep inet | cut -d : -f 2 | cut -d \  -f 1
(or maybe you use use ppp0 for dialup)

I don't have dialup, but it should work about the same for ppp0.

$EXT_IF is your external interface, probably what you have as "$INTERNET"

Hope that helps
-- 
Pete Nesbitt, rhce