"Allow only from" Public dynamic IP Address


(Till) #1

Hi,

I'm trying to create a firewall rule which allows a defined port from a public IP address which changes every night.

Which command do I have to run to change an existing firewall rule and only change the allowed IP address? The current IP address is entered in a text file every night.


(Davide Principi) #2

Yes you could set up some commands to achieve it but… Would you accept a VPN based solution?

What service is listening behind that port? Maybe an authentication mechanism is available…

Please provide more details, we could find a simpler solution!


(Till) #3

I'm running a Plex server and want to serve some content for my parents, who are also connected to FTTH, so bandwidth is no problem.

Yes, okay, a site-to-site connection could be a possible solution. Because they're the only ones who will use this server (except my local network), it was the first solution for me.


(Michael Kicks) #4

OpenVPN could fit the scenario, at least until @dev_team would not be able to merge geo-ip references for firewall objects.


(Till) #5

Yes, but my parents' router doesn't support OpenVPN… It's a FritzBox, but an IPsec site-to-site VPN should do it.


(Till) #6

Even if I could just release it publicly I would be interested in the commands to set up the firewall. Could someone give me an example to change the allowed IP address?


(Michael Kicks) #7

NethServer supports the IPsec site-to-site scenario.


(Till) #8

Yeah, I know that, and I tested it. However, the FritzBox does not have enough power to decode a Full HD movie over the VPN line…

Does anyone have an example command for changing the allowed IP address on an existing firewall rule on my NethServer?
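
Added example, not part of any post in this thread and not NethServer's own code: whichever command ends up rewriting the rule, the nightly text file is untrusted input to the firewall and should be validated before it is applied. The sketch below accepts exactly one public unicast address and only acts when it changed; `APPLY_CMD`, the file paths and the sample addresses used with it are hypothetical placeholders.

```python
import ipaddress
import subprocess
from pathlib import Path

# Hypothetical placeholder, NOT a NethServer command: point this at whatever
# rewrites the source address of the existing rule on your firewall.
APPLY_CMD = ["/usr/local/sbin/update-allowed-source"]


def parse_allowed_ip(text):
    """Return the single public IP address contained in text, else raise ValueError."""
    lines = [ln.strip() for ln in text.splitlines() if ln.strip()]
    if len(lines) != 1:
        raise ValueError("expected exactly one address, found %d" % len(lines))
    addr = ipaddress.ip_address(lines[0])  # rejects CIDR ranges, hostnames, shell junk
    if not addr.is_global or addr.is_multicast:
        raise ValueError("%s is not a public unicast address" % addr)
    return addr


def default_apply(ip):
    # Argument list, no shell: the file content is never interpreted as a command.
    subprocess.run(APPLY_CMD + [ip], check=True)


def update_rule(ip_file, state_file, apply=default_apply):
    """Apply the address from ip_file if it is valid and differs from the last one.

    Returns True when the rule was changed, False when nothing had to be done.
    """
    new = str(parse_allowed_ip(Path(ip_file).read_text()))
    state = Path(state_file)
    old = state.read_text().strip() if state.exists() else ""
    if new == old:
        return False
    apply(new)                    # raises on failure, so the state stays untouched
    state.write_text(new + "\n")  # record only what was really applied
    return True
```

A rejected file leaves the previous rule in place, so a corrupted or tampered text file cannot widen the allowed source to a private range, a whole network or several hosts.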


(Davide Principi) #9

:roll_eyes:

To transfer a big file you could configure a virtual host and name it with a random (hard to guess) string. It’s like Google docs share-by-url.

Just keep the URL secret