Kevin Old wrote:
Here are a few questions:
1) Is there a way I can allow a dynamic hostname to have unlimited access to
the server? For example, if I'm a Comcast subscriber the hostname to
my cable modem is 12-134345-112.nashville.comcast.com or something
like that. Is there a way I can create a firewall rule to allow all
*.nashville.comcast.com requests for any port rather than a static IP?

I wouldn't enable a wide range like that... What I would do is a little shell script magic to open just the necessary IP...
This is how I'd do it:
1 - Register a dynamic DNS entry in any service like dnsalias.org. Get the autoupdate client and configure it on the machine connected to Comcast.
This way, every time your home IP changes, the DNS entry will be pointing to it.
2 - Make a little shell script which does something like this and set it to run every 5 minutes on cron:
    get the IP for hostname myhomemachine.dnsalias.org (for example)
    if $HOMEIP is set, compare it with the IP you got on the first step. If they are the same, just exit. If they're different:
    set the $HOMEIP var and run the bash script of the firewall
This should be enough, if the firewall script uses the $HOMEIP variable to configure the necessary lines...
2) Are there other restrictions I should place on the 9 ports I have
open? If so, what are they?

Sorry. Couldn't open your firewall script here.. my provider sometimes has issues with some random servers :|
-- Pedro Macedo
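
The cron procedure described in the reply above, sketched as an added example (not code from the original post). The state file path, the firewall script path and the function names are assumptions; a state file stands in for the `$HOMEIP` comparison because a variable set in one cron run does not survive to the next.

```sh
#!/bin/sh
# Added example: names and paths below are assumptions, not from the post.
HOME_HOST="${HOME_HOST:-myhomemachine.dnsalias.org}"    # hostname used in the post
STATE_FILE="${STATE_FILE:-/var/lib/homeip/last_ip}"     # assumed path
FIREWALL_SCRIPT="${FIREWALL_SCRIPT:-/etc/firewall.sh}"  # assumed path

# First IPv4 address for a hostname (glibc getent); empty output on failure.
resolve_ip() {
    getent ahostsv4 "$1" | awk 'NR == 1 { print $1 }'
}

# Accept only a dotted quad with octets 0-255. The firewall rule is only as
# trustworthy as the DNS answer, so anything else is refused outright.
is_ipv4() {
    printf '%s\n' "$1" | grep -Eq '^([0-9]{1,3}\.){3}[0-9]{1,3}$' || return 1
    old_ifs=$IFS; IFS=.
    set -- $1
    IFS=$old_ifs
    for octet in "$@"; do
        [ "$octet" -le 255 ] || return 1
    done
    return 0
}

# Re-run the firewall script with HOMEIP set in its environment.
apply_firewall() {
    HOMEIP="$1" "$FIREWALL_SCRIPT"
}

# Prints "changed" or "unchanged"; returns 2 on a bad lookup, 3 if the
# firewall script fails.
update_home_ip() {
    new_ip=$(resolve_ip "$HOME_HOST")
    is_ipv4 "$new_ip" || return 2        # keep the old rule on a bad answer
    old_ip=$(cat "$STATE_FILE" 2>/dev/null || true)
    if [ "$new_ip" = "$old_ip" ]; then
        echo unchanged
        return 0
    fi
    # Apply first, record second: a failed firewall run is retried next time.
    apply_firewall "$new_ip" || return 3
    printf '%s\n' "$new_ip" > "$STATE_FILE"
    echo changed
}

if [ "${1:-}" = "run" ]; then
    update_home_ip
fi
```

Call it from cron every 5 minutes with the `run` argument; the firewall script then reads `$HOMEIP` when it builds the allow rule.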