allowing DNS queries to ISP DNS server through firewall


Algemon
01-17-2001, 08:04 AM
Here is the problem:
I use several different ISPs which thus have different nameserver addresses. I use a standard 56.6 K dialup modem via serial port.

My firewall rules (ipchains since I haven't plucked up the courage to compile a 2.4 Kernel yet) are as follows for allowing DNS client modes:

ipchains -A output -i $EXTERNAL_INTERFACE -p udp -s $IPADDR $UNPRIVPORTS -d $NAMESERVER_1 53 -j ACCEPT
ipchains -A input -i $EXTERNAL_INTERFACE -p udp -s $NAMESERVER_1 53 -d $IPADDR $UNPRIVPORTS -j ACCEPT

Because each ISP has 2 nameservers and I use 2 ISPs, there are another 3 pairs of rules like the ones above for $NAMESERVER_2 to $NAMESERVER_4.

Now I wish to sign up to another ISP but it dynamically assigns the nameserver addresses. How do I find out what the nameserver address is for the firewall 'cause I don't just want to accept udp packets from anywhere?

Also there must be an easier way than having to specify each nameserver address in the firewall for each of the ISPs. I know the computer knows the nameserver addresses 'cause the names I type in resolve correctly. So there must be some way to automatically set the values of the variables $NAMESERVER_1 and $NAMESERVER_2 after the connection is established and when the firewall script is run in the /etc/ppp/ip-up file.

How do you do this?

Algemon
01-17-2001, 08:25 AM
OK, I figured out part of it. I am using the pon file created in Debian by pppconfig to connect to the provider. Now when I was using RedHat, I had to make up my own chatscripts and had to set the /etc/resolv.conf file each time I connected using a different provider (by copying a resolv.conf for each provider to /etc/resolv.conf). Under Debian the pppd daemon seems to set /etc/resolv.conf automatically when the connection is established.

So now I know the info is stored in /etc/resolv.conf as it should be but still, how do I assign this to the variables $NAMESERVER_1 and $NAMESERVER_2 in my firewall script?

I haven't done much bash programming.

Can I modify the command used to run the firewall script so that it sends these values over, and use grep somehow to extract the info from the /etc/resolv.conf file?

Can one of you legend programmers show me how to do this?

Algemon
01-18-2001, 02:10 AM
How is this:
# No leading $ on the left-hand side of a shell assignment; grep -n numbers
# the matching lines so the 1:/2: prefix selects the first/second nameserver.
DNSSERVER_1=`grep nameserver /etc/resolv.conf | grep -n nameserver | grep '^1:nameserver' | cut -d ' ' -f 2`
DNSSERVER_2=`grep nameserver /etc/resolv.conf | grep -n nameserver | grep '^2:nameserver' | cut -d ' ' -f 2`

I put these 2 lines in my firewall script and it seems to work.

My programming is very messy though and I am sure someone can do much better. I mean it took me about 2hrs to work that out from reading man pages for grep and cut.

JAdrock
01-18-2001, 11:22 AM
This is also messy, but something I quickly came up with ...

-----------------------
NAMESERVER=`grep nameserver /etc/resolv.conf | cut -d \ -f 2`
for NSINDEX in $NAMESERVER
do
ipchains -A output -i $EXTERNAL_INTERFACE -p udp -s $IPADDR $UNPRIVPORTS -d $NSINDEX 53 -j ACCEPT
ipchains -A input -i $EXTERNAL_INTERFACE -p udp -s $NSINDEX 53 -d $IPADDR $UNPRIVPORTS -j ACCEPT
done
exit 0
----------------------------

It's only my 2nd shell script, but I figure it might just work

Algemon
01-18-2001, 05:37 PM
Ahhh. That looks a bit closer to something a real programmer would write. Thanks, I will give that a go.
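A worked version of what the thread converges on (Algemon's grep/cut extraction plus JAdrock's loop), added here as an example and not code posted by either of them. It reads the nameserver lines from a resolv.conf-format file, tolerates tabs and comments, keeps only IPv4 dotted quads, and prints the ipchains rule pair per nameserver instead of executing it, so it can be checked before being wired into /etc/ppp/ip-up. The function names resolv_nameservers and dns_rules, the defaults for $EXTERNAL_INTERFACE and $UNPRIVPORTS, and the sample file contents are this example's own assumptions; the variable names themselves are the ones used in the thread.

```shell
#!/bin/sh
# Added example (not from the thread): derive per-nameserver ipchains rules
# from a resolv.conf-format file, so one firewall script works whichever ISP
# pppd has just dialled. Function names and defaults are assumptions.

# Print the nameserver addresses from the file given as $1, one per line.
# awk splits on any whitespace (tabs included), so "nameserver<TAB>1.2.3.4"
# works; comment, domain and search lines are skipped; only dotted-quad
# IPv4 addresses are kept, so a stray IPv6 or garbage line cannot end up
# inside an ipchains command.
resolv_nameservers() {
    awk '$1 == "nameserver" && $2 ~ /^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+$/ { print $2 }' "$1"
}

# Emit the output/input ipchains rule pair for each nameserver in file $1.
# Interface, local address and unprivileged port range come from the same
# variables the thread uses; IPADDR must be set, the others have defaults.
dns_rules() {
    file=$1
    ifc=${EXTERNAL_INTERFACE:-ppp0}
    me=${IPADDR:?IPADDR not set}
    ports=${UNPRIVPORTS:-1024:65535}
    resolv_nameservers "$file" | while read -r ns; do
        echo "ipchains -A output -i $ifc -p udp -s $me $ports -d $ns 53 -j ACCEPT"
        echo "ipchains -A input -i $ifc -p udp -s $ns 53 -d $me $ports -j ACCEPT"
    done
}

# Constructed sample resolv.conf, in the shape pppd writes after connecting.
# The 192.0.2.x / 203.0.113.x addresses are documentation ranges, not real ISPs.
SAMPLE=$(mktemp)
printf 'search example.net\nnameserver 192.0.2.10\n# secondary\nnameserver\t192.0.2.11\nnameserver ::1\n' > "$SAMPLE"

IPADDR=${IPADDR:-203.0.113.5}
EXTERNAL_INTERFACE=${EXTERNAL_INTERFACE:-ppp0}
UNPRIVPORTS=${UNPRIVPORTS:-1024:65535}

# Dry run: print the rules. From /etc/ppp/ip-up you would run
#   dns_rules /etc/resolv.conf | sh
# once the printed output looks right.
dns_rules "$SAMPLE"
rm -f "$SAMPLE"
```

Two caveats worth keeping in mind with this approach. ipchains is a stateless filter, so the input rule accepts any UDP packet whose source address and port claim to be the nameserver; it limits exposure to those addresses but does not verify that a packet is really a reply. And resolvers fall back to TCP port 53 for truncated answers, so a UDP-only rule pair will occasionally leave a lookup hanging; add a matching TCP pair if that shows up.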