# pppoe "redial" and iptables rules

## wpeqan

Hello,

I'm using Gentoo on a desktop machine and connect to the internet with PPPoE. I'm using a custom iptables script as a firewall.

Every time I get a new IP address from my provider, the firewall script needs to be restarted, but I don't really know where to insert it.

At the moment I need to manually execute "/path/to/iptables.sh restart".

Is there some standard way to update the firewall rules after I get a new IP?

Thanks in advance.

Relevant Portions of /etc/conf.d/net:

```
 # cat /etc/conf.d/net
modules=( "wpa_supplicant" )
wpa_supplicant_wlan0=( "wpa_supplicant" )
wpa_timeout_wlan0=60
#link_ppp0="wlan0"
config_eth0="null"
link_ppp0="eth0"
config_ppp0=( "ppp" )
plugins_ppp0=( "pppoe" )
username_ppp0='username'
password_ppp0='pw'
rc_wlan0_before="net.ppp0"
rc_ppp0_provide="net"
pppd_ppp0=(
   "noauth"
   "defaultroute"
   "usepeerdns"
   "ipcp-accept-remote"
   "ipcp-accept-local"
   "lcp-echo-interval 15"
   "lcp-echo-failure 3"
   "debug"
)
preferred_aps=( "my_ssid" )
```

Edit:

Found the answer to my question in the logs. I'll put the script in /etc/ppp/ip-up.

```
...
Feb 21 11:34:10 1313 pppd[11907]: rcvd [PAP AuthAck id=0x3 ""]
Feb 21 11:34:10 1313 pppd[11907]: PAP authentication succeeded
Feb 21 11:34:10 1313 pppd[11907]: peer from calling number 00:90:1A:A0:AA:14 authorized
...
Feb 21 11:34:11 1313 pppd[11907]: local  IP address ip
Feb 21 11:34:11 1313 pppd[11907]: remote IP address ip
Feb 21 11:34:11 1313 pppd[11907]: primary   DNS address ip
Feb 21 11:34:11 1313 pppd[11907]: secondary DNS address ip
Feb 21 11:34:11 1313 pppd[11907]: Script /etc/ppp/ip-up started (pid 19005)
Feb 21 11:34:11 1313 /etc/init.d/net.ppp0[19022]: status: inactive
Feb 21 11:34:11 1313 /etc/init.d/net.ppp0[19081]: You are using a bash array for config_ppp0.
Feb 21 11:34:11 1313 /etc/init.d/net.ppp0[19082]: This feature will be removed in the future.
Feb 21 11:34:11 1313 /etc/init.d/net.ppp0[19083]: Please see net.example for the correct format for config_ppp0.
Feb 21 11:34:11 1313 pppd[11907]: Script /etc/ppp/ip-up finished (pid 19005), status = 0x0
```

----------

## truc

Often, you have one of the pppoe hooks which adds the clamp-mss iptables rules. If you plan to share your internet access, either disable this hook and add the rules manually to your custom iptables ruleset script, or find a way to have the clamp-mss hook run after your custom iptables script.

Also, you could use iptables-save/iptables-restore to save your ruleset and re-generate it *only* when you get a new IP?

HTH?

----------
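Added example, not part of either post: an `/etc/ppp/ip-up` hook that combines the two ideas in this thread, running the firewall script's `restart` only when pppd reports a local address different from the one it saw last. The function names and the `STATE_DIR` cache location are assumptions made for this example, `/path/to/iptables.sh` is the placeholder path used above, and the hook reruns the script rather than using iptables-save/iptables-restore.

```shell
#!/bin/sh
# Added example, not from the thread. pppd invokes /etc/ppp/ip-up as:
#   ip-up <interface> <tty> <speed> <local-ip> <remote-ip> <ipparam>
FW_SCRIPT="${FW_SCRIPT:-/path/to/iptables.sh}"  # placeholder path from the thread
STATE_DIR="${STATE_DIR:-/var/run/ppp-fw}"       # assumed cache directory

# Accept only a dotted-quad IPv4 address; the hook runs as root, so nothing
# else is allowed to reach the cache file.
is_ipv4() {
    case "$1" in
        ''|*[!0-9.]*|*..*|.*|*.) return 1 ;;
    esac
    old_ifs=$IFS; IFS=.; set -- $1; IFS=$old_ifs
    [ $# -eq 4 ] || return 1
    for octet in "$@"; do
        [ "${#octet}" -le 3 ] && [ "$octet" -le 255 ] || return 1
    done
}

# Restart the firewall only when the local address of <iface> has changed.
# Returns 0 on success or no change, 1 if the restart failed, 2 on bad input.
refresh_firewall_on_new_ip() {
    iface=$1
    new_ip=$2
    case "$iface" in ''|*[!A-Za-z0-9_-]*) return 2 ;; esac
    is_ipv4 "$new_ip" || return 2
    mkdir -p "$STATE_DIR" || return 1
    cache="$STATE_DIR/$iface.ip"
    old_ip=
    if [ -r "$cache" ]; then old_ip=$(cat "$cache"); fi
    [ "$new_ip" != "$old_ip" ] || return 0   # same address: rules still valid
    # On failure the cache is left untouched, so the next ip-up retries.
    "$FW_SCRIPT" restart || return 1
    printf '%s\n' "$new_ip" > "$cache"
}

# Called from /etc/ppp/ip-up: $1 is the interface, $4 the new local IP.
if [ $# -ge 5 ]; then
    refresh_firewall_on_new_ip "$1" "$4"
fi
```
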

