With the proliferation of these PPPOE account from SBC and the like, I'm
wondering ....

Since you don't have a static IP, is it possible to have a firewall linux
box? You don't have a need for any server applications, obviously, but how
would one "NAT" in that situation?

TIA,

Mairhtin O'Feannag

On Tue, 07 Oct 2003 02:29:42 GMT, Mairhtin O'Feannag <irishboyca@rocketmail.com> wrote:
>
>
> With the proliferation of these PPPOE account from SBC and the like, I'm
> wondering ....
>
> Since you don't have a static IP, is it possible to have a firewall linux
> box? You don't have a need for any server applications, obviously, but how
> would one "NAT" in that situation?
>
> TIA,
>
> Mairhtin O'Feannag

It's not a silly question, but your subject line IS silly. Please put
a description of your problem in the subject line for the archives and
others that can make use of the thread in the present.

I generally ignore subjects like that, and a lot of others do too.


--
Later, Alan C
You can find my email address at the website: contact.html
take control of your mailbox ----- elrav1 ----- http://tinyurl.com/l55a

> Since you don't have a static IP, is it possible to have a firewall
> linux box? You don't have a need for any server applications,
> obviously, but how would one "NAT" in that situation?

Yes, of course it's possible. With modern iptables configurations there is
no reason to ever specify an IP address. Use _interfaces_ instead in your
netfilter rulesets.

--
Jem Berkes
http://www.sysdesign.ca/

"Jem Berkes" <jem@users.pc9__org> wrote in message
news:Xns940CEE5B8C2FBjbuserspc9org@205.200.16.73...
> > Since you don't have a static IP, is it possible to have a firewall
> > linux box? You don't have a need for any server applications,
> > obviously, but how would one "NAT" in that situation?
>
> Yes, of course it's possible. With modern iptables configurations there is
> no reason to ever specify an IP address. Use _interfaces_ instead in your
> netfilter rulesets.

There's also the question of whether the firewall rules are deleted when the
interface is down ?

Do you have to set the rules to be created by PPPoE daemon once the
interface is connected ?
Do PPPoE daemons have the equivalent of pppd's ip_up , ip_down scripts.
and do they need to be used to do firewalling for PPPoE links ?



>
> --
> Jem Berkes
> http://www.sysdesign.ca/


---
Outgoing mail is certified Virus Free.
Checked by AVG anti-virus system (http://www.grisoft.com).
Version: 6.0.522 / Virus Database: 320 - Release Date: 29/09/2003

Mairhtin O'Feannag wrote:

> With the proliferation of these PPPOE account from SBC and the like, I'm
> wondering ....
>
> Since you don't have a static IP, is it possible to have a firewall linux
> box? You don't have a need for any server applications, obviously, but
> how would one "NAT" in that situation?

There's a couple of methods.

a) Filter on the interface.
2) Monitor the current IP. The dhcp client can run an executable, whenever
the IP changes.

--

Fundamentalism is fundamentally wrong.

To reply to this message, replace everything to the left of "@" with
james.knott.