DHCP, MASQ server and ADSL


neondog
09-22-2002, 03:22 PM
I am running Redhat 7.2 as a Masq server for my home LAN and using ADSL for my internet connection. It looks like this:

ADSL (ppp0) --> eth1 --> Masq --> eth0 --> LAN

My problem is that whenever my lease renews my firewall script fails to update. I assume this is a DHCP issue. What I need to know is how to get the DHCP daemon to run my firewall script whenever the Internet IP address changes. :(

jumpedintothefire
09-23-2002, 08:06 PM
Did you have to enter a user id and password somewhere to get access? I'm asking because if you did, that is pppoe and not bridged dsl (dhcp), the two are mutually exclusive. With you showing ppp0 in the diagram, that would be pppoe, dhcp would not be in the picture....

Having said that, the easiest way to do that is by making /etc/ppp/ip-up.local a symlink to your firewall script. Hint, you may need to create it, set the permissions the same as ip-up.... pppd will pass some variables to the script in the form of: S1-S6 which equate to interface-name (pppX), tty-device, speed, local ip, remote ip, ipparam. All you need to do is do something like this in your script:

EXTIP=$S4
EXTIF=$S1

and use $EXTIF where you would use ppp0 or just use $S1 for that matter... This file will be run once the connection is established....

If you're using dhcpcd as a dhcp client then a file called /etc/dhcpc/dhcpcd-eth0.exe will be exe'd with a change in ip address. Make it a symlink to the firewall script.. Your new info would be in a file called /etc/dhcpc/dhcpcd-eth0.info. Your script will need a way to grab the new ip address.

EXTIF="eth1"
EXTIP=`/sbin/ifconfig $EXTIF | awk '/inet addr/ { gsub(".*:", "", $2) ; print $2 }'`

and use $EXTIP where you would use the address.

Hope I was not too confusing......

neondog
09-23-2002, 08:53 PM
At least it is an answer. I'll decipher it when I have less beer in me. ;)

neondog
09-24-2002, 05:07 PM
It is definitely a PPP thing. I added an entry to the /etc/ppp/ip-up.local file that references the firewall script. After several manual disconnects/reconnects to ADSL it appears to be working, with the firewall adapting to the new internet IP address as planned. I'll monitor it over the course of the evening and see if it does the same with the ADSL dropping the connection on its own.

neondog
09-24-2002, 07:09 PM
After a half dozen or so address changes things seem to be working. It appears the symlink isn't necessary. All I did was create the /etc/ppp/ip-up.local file as so:

#!/bin/bash
/etc/rc.d/firewall

Thanks for the help/kick in the noggin'

jumpedintothefire
09-24-2002, 11:39 PM
Same effect... Your script is picking up the ipaddress, using something like the dhcp example above, or does not use the ip at all....

neondog
09-25-2002, 06:30 PM
The firewall script uses the dynamic internet ip and it seems to change often. Basically I pipe ifconfig ppp0 through grep, awk and sed like so:

#!/bin/bash
#simple script to get your internet ip
GREP=/bin/grep
AWK=/bin/awk
SED=/bin/sed
IFCONFIG=/sbin/ifconfig
EXTIP="`$IFCONFIG ppp0 | $GREP 'inet addr' | $AWK '{print $2}' | $SED -e 's/addr://g'`"
echo "The Internet IP address is $EXTIP"
exit 0
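
Added example, not code from any poster in this thread: an /etc/ppp/ip-up.local that checks what pppd hands it before reloading the firewall, so a malformed address never reaches the rule set. It assumes the arguments the pppd man page documents for ip-up (interface, tty, speed, local IP, remote IP, ipparam) are forwarded as positional parameters, and that the firewall script reads EXTIF and EXTIP from its environment; the state file path is hypothetical.

```shell
#!/bin/bash
# Added example for /etc/ppp/ip-up.local (not code from the thread).
# Assumes pppd's documented ip-up arguments are forwarded to this file:
#   $1 interface  $2 tty  $3 speed  $4 local IP  $5 remote IP  $6 ipparam
STATE_FILE="${STATE_FILE:-/var/run/ppp-extip}"   # hypothetical state file
FIREWALL="${FIREWALL:-/etc/rc.d/firewall}"       # script path from the thread

# Log to syslog, falling back to stderr when logger is unavailable.
log() { logger -t ip-up.local "$1" 2>/dev/null || echo "$1" >&2; }

# Succeed only for a dotted quad whose four octets are each 0-255.
valid_ipv4() {
    local ip="$1" octet old_ifs="$IFS"
    case "$ip" in
        ""|*[!0-9.]*|.*|*.|*..*) return 1 ;;   # empty, stray chars, empty octet
    esac
    IFS=.; set -- $ip; IFS="$old_ifs"          # split on dots into $1..$n
    [ "$#" -eq 4 ] || return 1
    for octet in "$@"; do
        [ "${#octet}" -le 3 ] && [ "$octet" -le 255 ] || return 1
    done
}

# Print the address recorded by the previous successful run (empty if none).
last_addr() { [ -f "$STATE_FILE" ] && cat "$STATE_FILE" || true; }

main() {
    EXTIF="$1"; EXTIP="$4"
    case "$EXTIF" in
        ppp[0-9]|ppp[0-9][0-9]) ;;
        *) log "unexpected interface '$EXTIF', firewall not reloaded"; return 1 ;;
    esac
    if ! valid_ipv4 "$EXTIP"; then
        log "bad address '$EXTIP', firewall not reloaded"
        return 1
    fi
    export EXTIF EXTIP          # for the firewall script to read (assumption)
    "$FIREWALL" || { log "firewall reload failed on $EXTIF"; return 1; }
    log "firewall reloaded on $EXTIF: '$(last_addr)' -> $EXTIP"
    echo "$EXTIP" > "$STATE_FILE"   # record only after a successful reload
}

# Run only when invoked with pppd-style arguments.
if [ "$#" -ge 4 ]; then main "$@"; fi
```

The recorded address gives a syslog trail of each address change, which helps when matching external logs to the link's address at a given time.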