I can't believe how much time I've wasted on this:
I have a few workstations that access the internet through a single server with a firewall, which has a dial-up modem attached. I want each of the workstations to be able to call for the modem to connect. Since it is dial-up, the external address is dynamic, so this requires that certain iptables entries be set to the "current" IP address.
I have gotten as far as writing a crude script that uses ssh to run pon on the server and then run a script that checks the current IP and uses that as a variable to reset those rules that use the dynamic address. But the problem is, to change iptables requires root permission and that's where I'm stuck. I tried setting the "dip" group for sudo permissions to run my script:
Code:
%DIP NETWORK80 = NOPASSWD: /usr/local/bin/getMasqInternet
but that doesn't seem to work for a member of group 'dip' who is not also a member of group 'sudo'.
I have tried linesrv, using the xlc client, but I run into the same problem with setting iptables for the dynamic address ('linesrv' is a member of group 'dip' by default). On my Fedora system, I had Firestarter, which could be set to start when ppp0 comes up, but I'm not so keen on Firestarter.
I'm sure this has been done dozens of ways. How should I do it, so I can move on to the next thing???
Thanks-
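
An added sketch, not the poster's script, of the address-refresh step described in the post. Because a helper run as root through a NOPASSWD sudo rule should not trust anything the caller supplies, it reads the address from the interface and validates it before it is used in a rule. The interface name ppp0 is taken from the post; the SNAT rule, the flush of POSTROUTING, and the function names are assumptions, and the `ip` output line is constructed sample data.

```shell
#!/bin/sh
# Dry-run sketch of a root-run helper such as /usr/local/bin/getMasqInternet.
# Assumption: the rule that depends on the dynamic address is a nat SNAT rule.

# Read `ip -4 -o addr show dev ppp0` output on stdin, print the local address.
ppp_addr() {
    awk '$2 == "ppp0" && $3 == "inet" { split($4, a, "/"); print a[1]; exit }'
}

# Accept only a dotted quad with each octet in 0..255; reject everything else,
# so nothing but an address can ever reach the iptables command line.
valid_ipv4() {
    case $1 in
        ''|*[!0-9.]*|.*|*.|*..*) return 1 ;;
    esac
    old_ifs=$IFS; IFS=.
    set -- $1
    IFS=$old_ifs
    [ $# -eq 4 ] || return 1
    for octet in "$@"; do
        [ ${#octet} -le 3 ] && [ "$octet" -le 255 ] || return 1
    done
}

# Print the commands that re-point the SNAT rule at the current address.
# Printing instead of executing keeps this sketch safe to run unprivileged.
snat_rules() {
    valid_ipv4 "$1" || { echo "refusing: not an IPv4 address" >&2; return 1; }
    # Assumption: POSTROUTING holds only this rule, so flushing it is acceptable.
    echo "iptables -t nat -F POSTROUTING"
    echo "iptables -t nat -A POSTROUTING -o ppp0 -j SNAT --to-source $1"
}

# Constructed sample of what `ip -4 -o addr show dev ppp0` prints for a PPP link.
SAMPLE='3: ppp0    inet 203.0.113.7 peer 192.0.2.1/32 scope global ppp0'

current_rules() {
    snat_rules "$(printf '%s\n' "$SAMPLE" | ppp_addr)"
}

current_rules
```

On a real server the sample line would be replaced by the live `ip` output. pppd also passes the local address as the fourth argument to `/etc/ppp/ip-up`, which already runs as root when the link comes up.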