adam
3rd November 2006, 17:36
Is it possible to somehow use a domain instead of an ip address to filter traffic?
Because my home ips are dynamic, they change from time to time which means i have to filter my SSH port like this
ACCEPT net:211.155.0.0-211.155.255.255 fw tcp ssh
Using a service like no-ip.com gives me a fixed address that updates everytime my ip address does, so is it possible to get shorewall to do this instead
ACCEPT net:test.no-ip.com fw tcp ssh
this would solve a lot of problems and close off complete ranges that can potentially access my SSH.
Because my home ips are dynamic, they change from time to time which means i have to filter my SSH port like this
ACCEPT net:211.155.0.0-211.155.255.255 fw tcp ssh
Using a service like no-ip.com gives me a fixed address that updates everytime my ip address does, so is it possible to get shorewall to do this instead
ACCEPT net:test.no-ip.com fw tcp ssh
this would solve a lot of problems and close off complete ranges that can potentially access my SSH.