5.1.1.2. Dynamic interfaces

Dynamic interfaces are interfaces that are either created dynamically, or obtain IP configuration information dynamically from a designated server (for example, dhcp, bootp, ppp). As their IP configuration is not known when Zorp boots up (and can be different at each boot sequence), the services using these interfaces cannot include the IP address of the interface in the firewall rules related to the service. To overcome this problem, Zorp can bind to interfaces instead of IP addresses. Dynamic interfaces are referenced by their name in the firewall rules. The operating system automatically notifies the running Zorp instances when the IP configuration information of the interface is received from the server. IP address changes are also automatically handled within Zorp. For more information on configuring firewall rules, see Section 6.5, Configuring firewall rules.

Example 5.1. Referencing static and dynamic interfaces in firewall rules

Dynamic interfaces can be used in firewall rules the same way as static interfaces. The following rule references a static interface:

Rule(proto=6,
    dst_iface='eth0',
    service='test'
    )

The following rule references a dynamic interface called dyn:

Rule(proto=6,
    dst_iface='dyn',
    service='test'
    )