A fast way to do this is with a script and something like this (could be a lot of other options and ways to do this) MY_IP=`ifconfig eth0 | grep "inet addr" | cut -d':' -f2 | cut -d' ' -f1` and then iptables -A INPUT -p tcp -d $MY_IP --tcp-flags SYN,FIN SYN,FIN -j DROP of course, you need to change eth0 to the interface that you need to obtain an ip address. If this interface is related to an ppp interface it could be easy, in a file called ip-up in /etc/ppp you could set your script with the following vars # When the ppp link comes up, this script is called with the following # parameters # $1 the interface name used by pppd (e.g. ppp3) # $2 the tty device name # $3 the tty device speed # $4 the local IP address for the interface # $5 the remote IP address # $6 the parameter specified by the 'ipparam' option to pppd pppd executes this script when it comes up so you can use $1 where i put $MY_IP in the iptables command. then, if you need to change some parameters when the ppp connection cames down, just set it in ip-down and thats it Hello Anthony, Saturday, February 21, 2004, 9:46:59 AM, you wrote: AdAL> Hi, I would like to add a certain rule to my firewall, but I have a AdAL> dynamic IP, I'm wondering if there is some way I can work with this AdAL> the line is as follows: AdAL> iptables -A INPUT -p tcp -d <MyDynamicIP> --tcp-flags SYN,FIN SYN,FIN -j AdAL> DROP AdAL> Thanks for any information you can provide. AdAL> --tony -- Best regards, Alexis mailto:alexis@xxxxxxxxxxxx
