El miÃ, 09-03-2005 a las 10:35 +0000, Nick Drage escribiÃ: > On Wed, Mar 09, 2005 at 10:07:22AM +0100, Jose Maria Lopez Hernandez wrote: > > El miÃ, 09-03-2005 a las 07:25 +0100, Sebastian Docktor escribiÃ: > > > > I want to allow a Dynamic DNS Client to Access the SSH-Server on my > > > Firewall. But I don't want to open SSH for all IPs, Is it possible > > > that iptables always looks up the ip address from the hostname, so > > > that only the ip has access which is registrated under the dyndns? > > > > I don't understand your problem. If you know your IP you can block > > based on that IP. > > The OP's problem is that the DNS will stay the same, say > hostname.dyndns.net, but that the IP address associated with that name > will change. So as soon as the IP address changes, his rulebase is out > of date. You are right. I didn't read the post well, I was thinking *he* was the one with the dynamic IP, now I see it's the client to his server who has it. That's a real problem, now I realize. Sorry and regards. -- Jose Maria Lopez Hernandez Director Tecnico de bgSEC jkerouac@xxxxxxxxx bgSEC Seguridad y Consultoria de Sistemas Informaticos http://www.bgsec.com ESPAÃA The only people for me are the mad ones -- the ones who are mad to live, mad to talk, mad to be saved, desirous of everything at the same time, the ones who never yawn or say a commonplace thing, but burn, burn, burn like fabulous yellow Roman candles. -- Jack Kerouac, "On the Road"
