|
||||||||||
Hi Dave! Am Samstag, den 16.07.2005, 19:57 +1200 schrieb Dave Evans: > I do use a dynamic dns service (www.dyndns.org) to maintain a > current record of my home IP through one of their free domain > names but where would I put the DynDNS domain name into Monowall, > to allow it to automatically have a rule that points to my current IP ?? Not possible and somewhat risky. If your IP changes and the DNS-Server m0n0wall uses has cached the old entry, it's possible that another user has access to your WebGUI. Since this GUI is also protected by a password, this might be acceptable. So I think, we can discuss including DNS names in rulesets for next version of m0n0wall (if the filter code accepts such a syntax - pf for example does [1]). > As a workaround I have access to a W2K Remote Desktop session that > allows me to go into the W2K box and access the Monowall box from the > LAN to change the firewall rule that identifies what my current external > IP is but that can really only be considered a short-term solution. Other solutions: 1. Use IPSEC or PPTP with an inside http or socks proxy 2. Use an m0n0wall ssh image [2] with certificates and redirect port 80 or 443 from m0n0wall to your ssh client (if dropbear [3] does support that) Ciao ... ... PIT ... [1] http://www.openbsd.org/faq/pf/filter.html#syntax [2] http://www.xs4all.nl/~fredmol/m0n0/ [3] http://matt.ucc.asn.au/dropbear/dropbear.html --------------------------------------------------------------------------- copyleft(c) by | _-_ Less is more or less more -- Y_Plentyn Peter Allgeyer | 0(o_o)0 on #LinuxGER ---------------oOO--(_)--OOo----------------------------------------------- |