account and shorewall

Discussion in 'Installation/Configuration' started by Reptile, Nov 15, 2007.

  1. Reptile

    Reptile New Member

    I am using Debian Etch and Shorewall 3 to control IP access to my services.

    Currently, for database and SSH i use a no-ip account so I can use that instead of an IP range in shorewall (since my ISP address is dynamic). The problem is that it is kind of useless because shorewall needs to be restarted if the physical IP address that is stored in your no-ip pointer changes. The only solution I have found so far is to write a bash script to restart the firewall every x minutes using Cron. This seems a rather crude solution to me.

    Is there any way to configure shorewall so that it checks the IP address for a domain name instead of caching the address on restart?
  2. falko

    falko Super Moderator ISPConfig Developer

    Can't you modify your bash script to check whether the IP has changed, so that it restarts Shorewall only if it has changed? The script could store the previous IP address in a text file and compare the current IP address with it.
  3. Reptile

    Reptile New Member

    yeah that's a reasonable idea :) Ill give it a go. Restarting shorewall every 15 mins became unreliable and shorewall didnt always restart properly making the entire server inaccessible :mad:

Share This Page