[Firehol-support] Restarting firehol from cron?
Costa Tsaousis
costa at tsaousis.gr
Sat Sep 8 11:29:24 BST 2007
Rui Bernardo wrote:
> and on my net interface I've something like this:
>
> interface eth0 internet src not "${UNROUTABLE_IPS} ${PRIVATE_IPS}
> $PRIVATE_NETWORK" dst $ADDRESS
>
> As my ISP changes my IP from time to time, I've made a script that runs
> on cron each 5 minutes to find if my IP have changed. The objective here
> is to restart firehol when my IP changes.
>
It is not required to set the 'dst' address. 'dst' adds some extra
security which I guess is not required if the IP you have been assigned
is already the only address that is routed to you by your ISP.
> Now, when I run on the console
>
> # /etc/init.d/firehol restart
>
> if the rules have changed, firehol asks me to write "commit" on the
> console so the new rules are commited.
>
The standard firehol does this when you 'try' the firewall (not when you
'start' it).
Probably, you should ask about this behavior the support team of the
distribution you are using.
Costa
More information about the Firehol-support
mailing list