0 
add 04000 allow IP from 192.168.1.10 to ca-vancouver.privateinternetaccess.com keep-state

I want to change to epair0b because I want to avoid hardcoded IP address and I would like to use DHCP instead

So I changed to

add 04000 allow IP from epair0b to ca-vancouver.privateinternetaccess.com keep-state

And got the error

Line 6: hostname ```epair0b'' unknow

Is there a way to use the interface name or "the machine" on IPFW?

In other words, I want to avoid the use of hardcoded IP Address on my rules.

Thanks!

Improve this question
1
  • 1
    disclaimer: never tested. in freebsd.org/doc/handbook/firewalls-ipfw.html#idp69473656 there are examples. Of course you can't use from interface since the expected parameter is an IP address. check in the examples the via parameter instead (via interface). Commented Aug 11, 2020 at 11:16

2 Answers 2

Reset to default
1

Per the ipfw man page,

me     Matches any IP address configured on an interface in the system.

add 04000 allow IP from me to ca-vancouver.privateinternetaccess.com keep-state
Improve this answer
1

The DHCP daemon could update your /etc/hosts file and set the local IP next to the hostname. This way you could use the hostname which would resolve to the current IP.

Type hostname to get your hostname.

Check the manpages of the DHCP daemon how they implement it. It could look like this:

#!/bin/sh

set -e

if [ "$IFACE" = lo ]; then
    exit 0
fi

SHORT_HOST=`hostname`

# Remove current line with hostname at the end of line
sed -i '/'$SHORT_HOST'$/ d' /etc/hosts

ipaddr=$(ifconfig  | grep 'inet addr:'| grep -v '127.0.0.1' | cut -d: -f2 | awk '{ print $1}')
echo "$ipaddr $SHORT_HOST" >>/etc/hosts
Improve this answer

You must log in to answer this question.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.