Learn how easy it is to sync an existing GitHub or Google Code repo to a SourceForge project! See Demo
I believe this will be a feature request, since I don't think there is a way to currently do this with fwbuilder:
I'd like to create a generic firewall that doesn't have a hardcoded IP address and network for eth0 (inside) interface. An eth0 interface with static IP address and network can be learned at runtime when the firewall script is started. This would allow an administrator to change the static IP and network for eth0 without needing to re-generate a taylored firewall script just because eth0 changed.
you can do it now, just mark interface as "dynamic" and do not add ip address to it:
see "Using Interface Object with Dynamic Address in Rules"
I started with the OpenWRT firewall template, and I changed eth0 to be dynamic and deleted the static IP address that was created by the template. However, the template has rules that refer to "Firewall:eth0:net", and I can't find this in the tree view (although I can double-click on the element in the rule). When I edit this, it has the hardcoded network for eth0 that I want calculated at runtime.
that template has dynamic interface eth1. Do you want both inetrfaces to be dynamic ?
I do not see any rules in this template that refer to the ip address of eth0. What rule is that in your case ?
What happens when you double click on this object in the rule ? It should locate it in the tree and open it in the editor. May be you are looking at the rules of another firewall object ?
eth1 is truly dynamic, and eth0 I want to be dynamic only because I want the firewall script to calculate the ip and network of eth0 at runtime (but eth0 on the router is really static).
The template does not refer to the ip address of eth0, it refers to the network of eth0 (Firewall:eth0:net), and double-clicking on the element in the rule allows you to edit it to change the hardcoded network address and netmask, but it does NOT find it in the tree.
I know what is going on. Object Firewall:eth0:net has been created because you've changed the address of the interface eth0 when you created firewall object. This object has been added to the tree but the program did not refresh the tree so you can't see it there. This is a known bug, it will be fixed soon.
Generated script can learn actual address of dynamic interface but not the address of attached network. Please open feature request.