Hi, One of my interfaces depends on dhcp and the IP it fetches changes more often then I would like ... causing my half way complex shorewall setup to get hickups. I was wondering what other people use in these situation - I''m basically looking for a demon that watches the interfaces and upon IP change runs "shorewall restart" which includes params lines fetching the current IP addresses via python. I''m on debian and would prefer a solution from the repository ... is arpwatch an option? Thanks for any input, Joh ------------------------------------------------------------------------- This SF.net email is sponsored by: Splunk Inc. Still grepping through log files to find problems? Stop. Now Search log events and configuration files using AJAX and a browser. Download your FREE copy of Splunk now >> http://get.splunk.com/
Johannes Graumann wrote:>One of my interfaces depends on dhcp and the IP it fetches changes more >often then I would like ... causing my half way complex shorewall setup to >get hickups. I was wondering what other people use in these situation - I''m >basically looking for a demon that watches the interfaces and upon IP >change runs "shorewall restart" which includes params lines fetching the >current IP addresses via python. I''m on debian and would prefer a solution >from the repository ... is arpwatch an option?Debian uses the ISC DHCP client, and this runs a shell script to manage the interface. The simplest thing to do is probably to modify the script to automatically restart shorewall whenever it leases a new address. I''m not really that familiar with the client (most of my work is with the server), but if you get stuck then you''ll find the DHCP Users list quite friendly. I imagine it probably only requires adding a "shorewall restart" to one or two places in the client script. DHCP Users can be found at : List-help: <mailto:ecartis@isc.org?Subject=help> List-unsubscribe: <mailto:dhcp-users-request@isc.org?Subject=unsubscribe> List-Id: <dhcp-users.isc.org> List-subscribe: <mailto:dhcp-users-request@isc.org?Subject=subscribe> List-owner: <mailto:listmaster@isc.org> List-post: <mailto:dhcp-users@isc.org> ------------------------------------------------------------------------- This SF.net email is sponsored by: Splunk Inc. Still grepping through log files to find problems? Stop. Now Search log events and configuration files using AJAX and a browser. Download your FREE copy of Splunk now >> http://get.splunk.com/
Simon Hobson wrote:> Johannes Graumann wrote: > > >> One of my interfaces depends on dhcp and the IP it fetches changes more >> often then I would like ... causing my half way complex shorewall setup to >> get hickups. I was wondering what other people use in these situation - I''m >> basically looking for a demon that watches the interfaces and upon IP >> change runs "shorewall restart" which includes params lines fetching the >> current IP addresses via python. I''m on debian and would prefer a solution >> > >from the repository ... is arpwatch an option? > > Debian uses the ISC DHCP client, and this runs a shell script to > manage the interface. The simplest thing to do is probably to modify > the script to automatically restart shorewall whenever it leases a > new address. > > I''m not really that familiar with the client (most of my work is with > the server), but if you get stuck then you''ll find the DHCP Users > list quite friendly. I imagine it probably only requires adding a > "shorewall restart" to one or two places in the client script. > > DHCP Users can be found at : > List-help: <mailto:ecartis@isc.org?Subject=help> > List-unsubscribe: <mailto:dhcp-users-request@isc.org?Subject=unsubscribe> > List-Id: <dhcp-users.isc.org> > List-subscribe: <mailto:dhcp-users-request@isc.org?Subject=subscribe> > List-owner: <mailto:listmaster@isc.org> > List-post: <mailto:dhcp-users@isc.org> > >why not add a "host" line in your dhcpd.conf and give it an ip that never changes, your interface can still rely on dhcp but it will have a static address. this is what I do on my networks Dale> ------------------------------------------------------------------------- > This SF.net email is sponsored by: Splunk Inc. > Still grepping through log files to find problems? Stop. > Now Search log events and configuration files using AJAX and a browser. > Download your FREE copy of Splunk now >> http://get.splunk.com/ > _______________________________________________ > Shorewall-users mailing list > Shorewall-users@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/shorewall-users > >------------------------------------------------------------------------- This SF.net email is sponsored by: Splunk Inc. Still grepping through log files to find problems? Stop. Now Search log events and configuration files using AJAX and a browser. Download your FREE copy of Splunk now >> http://get.splunk.com/
Dale Hartung wrote:> why not add a "host" line in your dhcpd.conf and give it an ip that > never changes, your interface can still rely on dhcp but it will have a > static address. this is what I do on my networksIf I was root on the server I certainly would ... Joh ------------------------------------------------------------------------- This SF.net email is sponsored by: Splunk Inc. Still grepping through log files to find problems? Stop. Now Search log events and configuration files using AJAX and a browser. Download your FREE copy of Splunk now >> http://get.splunk.com/