LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - Networking (http://www.linuxquestions.org/questions/linux-networking-3/)
-   -   iptables script - How can I define a dynamic IPaddress (http://www.linuxquestions.org/questions/linux-networking-3/iptables-script-how-can-i-define-a-dynamic-ipaddress-692951/)

theinfidel 12-25-2008 03:15 PM

iptables script - How can I define a dynamic IPaddress
 
Hi, all

in my iptables script I define the environment like this:
Code:

# ENVIRONMENT
# Private interface
IF_PRV=eth1
IP_PRV=xxx.xxx.xxx.xxx
NET_PRV=xxx.xxx.xxx.xxx/24

# Public Interface
IF_PUB=eth0
IP_PUB=xxx.xxx.xxx.xxx
NET_PUB=xxx.xxx.xxx.xxx/24

My question is, if I give the IF_PUB interface the DYNAMIC IPaddress assigned by my ISP how can I define it in IP_PUB and also the NET_PUB so I can then use it for the firewall rules.

exemple rule:
Quote:

iptables -t nat -A POSTROUTING -s $NET_PRV -o $IF_PUB -j SNAT --to $IP_PUB
thanks you for any help

Berhanie 12-25-2008 04:44 PM

Code:

... -j SNAT --to $IP_PUB
You can use this instead:
Code:

... -j MASQUERADE
An alternative is to parse the dhcp client database (e.g. /var/lib/dhclient/dhclient-eth0.lease) for the assigned IP address,
and to use SNAT.

theinfidel 12-26-2008 10:47 AM

I guess what I am trying to figure out is how to UPDATE THE IPADDRESS in the iptables script, AUTOMATICALY.
Parsing dhcp.leases is ok as a way to get the address.
Probably complicated ?

Does anyone know if I can call it (the address) from the iptables script or maybe have dhclient write it there.

Thanks a bunch!


All times are GMT -5. The time now is 05:24 PM.