Variable NFS mounts / firewall rules.

lewiz purple at lewiz.info
Tue Jul 1 08:18:24 PDT 2003 

On Tue, Jul 01, 2003 at 08:45:54AM -0400, Dan Pelleg wrote:
> 2. Use the automounter to mount NFS volumes on-demand. This way you will
> not have to worry about mounting until you actually need to access the
> volume. See amd(8).

That's a good idea I didn't think off :)  I messed with amd(8) once
before and ran into trouble.  I can see in this case it would be ideal,
and shall have a go at getting it to play nicely.

> 3. ipfw supports the "me" keyword, to flexibly refer to your currently
> assigned IP address.

Yes, I had looked at this.  However, I was meaning trying to have a
solution where a different set of firewall rules would be started based
on the assigned IP address.

> 4. Just in case it might help you, here is my /etc/dhclient-exit-hooks:
> 
> # nothing to do unless we're bound
> case ${reason} in
>     BOUND | RENEW | REBIND | REBOOT )
>         if [ -n "${new_domain_name_servers}" ]; then
>             if [ -z "${old_domain_name_servers}" ] || [ x${old_ip_address} != x{$new_ip_address} ]; then
>                 [ -x /etc/refresh-named ] && /etc/refresh-named ${new_domain_name_servers}
>                 [ -x /etc/set-time ] && /etc/set-time
>             fi
>         fi
>         ;;
> esac

Yeah, I think I can see that this might even be a good place to
start/stop (stop if required, I haven't read amd(8) yet) amd from.
Also, I can set my symlinks in case the reason is not one of yours
listed.

> 5. You can further run ifconfig commands in /etc/start_if.<INTERFACE NAME>
> (for example /etc/start_if.fxp0 ).

I use start_if.ep0 to set the media for my network card.  Does this get
re sourced after dhclient has done it's magic?  I was under the
assumption that it got executed /before/ dhclient, and would therefore
be of little use to set variables based on the output of dhclient... ?

  Many thanks!  You've given me some excellent ideas.  I'll tell you how
I fare.

-lewiz.

-- 
In the long run, every program becomes rococo, and then rubble.
		-- Alan Perlis
------------------------------------------------------------------------
-| msn:purple at lewiz.net | jab:lewiz at jabber.org | url:http://lewiz.net |-
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 187 bytes
Desc: not available
Url : http://lists.freebsd.org/pipermail/freebsd-questions/attachments/20030701/0636f9ee/attachment.bin

More information about the freebsd-questions mailing list