Firewall Script Required for bootscripts

Ryan.Oliver at pha.com.au Ryan.Oliver at pha.com.au
Tue Mar 23 19:45:20 PST 2004






> and I've been avoiding
> binding rules to IP address until I can think completely through what
> happens when a DHCP-managed host has it's IP change.  At the moment I
> think I'm going with "most daemons break when this happens anyway, so
> it's moot" but I'm hoping inspiration will strike.

Shouldn't be any need to use an IP in the filtering, filter based on
interfaces and ports only... Only time IP becomes important is when doing
NAT...

Usually most daemons listen on *:port unless bound to an IP address
in their conf (they just listen on a port) so just continue to function
(existing sessions of course die).

For ones that dont it would probably would be a trivial script to
write to detect change in dhcp lease and restart affected network services.

[R]




More information about the hlfs-dev mailing list