Hi all,

New user here. I'm running Ubuntu server 6.06 as a server on a remote VPS, and have configured iptables using the 'Linux firewall' feature of Webmin. It seems to do what I want, allowing public access to ports 80,81 and 443, and restricting port 22 access to my home and work ip addresses.

Unfortunately my home ip address recently switched from static to dynamic, and although I've registered a DynDNS domain name for my home ip address, I can't get iptables to accept a hostname rather than an ip address (a security feature I imagine).

Is it feasible (and safe) to configure iptables to allow all addresses to access port 22, but also specify my hostname in a /etc/hosts.allow file:

sshd : <my.hostname> : allow

Or is there a better way, perhaps exploiting ping? Thanks.

I think you must use the hostname that is bound to your IP address as the PTR record, not your dyndns.org hostname. For example, do a
dig -x your.ip.add.ress
and it should show you the hostname. Unfortunately, you still have the problem with the dynamic IP addresses...

Not too helpful I'm afraid - 208.67.222.222 is the OpenDNS server address and there is no apparent hostname:

raj@ubuntu:~$ dig -x 89.242.166.xxx

; <<>> DiG 9.3.2 <<>> -x 89.242.166.xxx
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 1047
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;xxx.166.242.89.in-addr.arpa. IN PTR

;; Query time: 61 msec
;; SERVER: 208.67.222.222#53(208.67.222.222)
;; WHEN: Tue Oct 9 17:04:51 2007
;; MSG SIZE rcvd: 45