diff options
| author | Jonas Smedegaard <dr@jones.dk> | 2002-01-03 12:32:57 +0000 |
|---|---|---|
| committer | Jonas Smedegaard <dr@jones.dk> | 2002-01-03 12:32:57 +0000 |
| commit | 327bff9038e355ab92d32bf7b90add340ede1fc6 (patch) | |
| tree | 0be8aabff1d414faf544419d8d78b7d52015fa47 /ipmasq/rules/A10dhcpcd.rul | |
| parent | 17cf2efb57a35227756ee1e371d595f3c5a564c8 (diff) | |
ipmasq: Update A10dhcpd.rul and A10dhcpcd.rul to reflect new example in ipmasq 3.5.10: strip ip aliases.
Diffstat (limited to 'ipmasq/rules/A10dhcpcd.rul')
| -rw-r--r-- | ipmasq/rules/A10dhcpcd.rul | 23 |
1 files changed, 7 insertions, 16 deletions
diff --git a/ipmasq/rules/A10dhcpcd.rul b/ipmasq/rules/A10dhcpcd.rul index 5ac66a1..3f39085 100644 --- a/ipmasq/rules/A10dhcpcd.rul +++ b/ipmasq/rules/A10dhcpcd.rul @@ -1,29 +1,20 @@ -# From Kalle Olavi Niemitalo <tosi@ees2.oulu.fi>: - -# Here's my /etc/ipmasq/rules/A10dhcpd.rul file in case you'd -# like to add it in the examples directory. It's somewhat -# stricter than /usr/doc/ipmasq/examples/Z99dhcpd.rul. Also, I'm -# using priority A10 rather than Z99 because some of my other -# rules would reject the packets. -# -# This works with dhcp_1.0.2-0.1 and the Windows 95 DHCP client. -# The ipfwadm invocations are untested. +# Based on A10dhcpd.rul by Kalle Olavi Niemitalo <tosi@ees2.oulu.fi>: if [ -n "$INTERNAL" ]; then for i in $INTERNAL; do ipnm_cache $i case $MASQMETHOD in ipfwadm) - $IPFWADM -I -i accept -S 0.0.0.0/0 67 -D 255.255.255.255/32 68 -W $i -P udp -# $IPFWADM -O -i accept -S $IPOFIF/32 68 -D 255.255.255.255/32 67 -W $i -P udp + $IPFWADM -I -i accept -S 0.0.0.0/0 67 -D 255.255.255.255/32 68 -W ${i%%:*} -P udp +# $IPFWADM -O -i accept -S $IPOFIF/32 68 -D 255.255.255.255/32 67 -W ${i%%:*} -P udp ;; ipchains) - $IPCHAINS -I input -j ACCEPT -s 0.0.0.0/0 67 -d 255.255.255.255/32 68 -i $i -p udp -# $IPCHAINS -I output -j ACCEPT -s $IPOFIF/32 68 -d 255.255.255.255/32 67 -i $i -p udp + $IPCHAINS -I input -j ACCEPT -s 0.0.0.0/0 67 -d 255.255.255.255/32 68 -i ${i%%:*} -p udp +# $IPCHAINS -I output -j ACCEPT -s $IPOFIF/32 68 -d 255.255.255.255/32 67 -i ${i%%:*} -p udp ;; iptables) - $IPTABLES -I INPUT -j ACCEPT -s 0.0.0.0/0 67 -d 255.255.255.255/32 68 -i $i -p udp -# $IPTABLES -I OUTPUT -j ACCEPT -s $IPOFIF/32 68 -d 255.255.255.255/32 67 -i $i -p udp + $IPTABLES -I INPUT -j ACCEPT -s 0.0.0.0/0 67 -d 255.255.255.255/32 68 -i ${i%%:*} -p udp +# $IPTABLES -I OUTPUT -j ACCEPT -s $IPOFIF/32 68 -d 255.255.255.255/32 67 -i ${i%%:*} -p udp ;; esac done |