server:dynamische_ip_in_der_firewall_freischalten_per_bash-skript

Source: https://unix.stackexchange.com/a/91711

ufw_ip_open.sh
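#!/bin/bash
# Allow access from the current address of a DynDNS name

HOSTNAME=HOST_NAME_HERE
LOGFILE=LOGFILE_NAME_HERE
PORT=22

# Resolve the hostname to its current address
Current_IP=$(dig +short "$HOSTNAME")

# Stop if the lookup returned nothing, so that no rule is
# deleted or added with an empty address
if [ -z "$Current_IP" ] ; then
  echo "could not resolve $HOSTNAME" >&2
  exit 1
fi

if [ ! -f "$LOGFILE" ] ; then
  # First run: add the rule and remember the address
  ufw allow from "$Current_IP" proto tcp to any port "$PORT"
  echo "$Current_IP" > "$LOGFILE"
else

  Old_IP=$(cat "$LOGFILE")

  if [ "$Current_IP" = "$Old_IP" ] ; then
    echo IP address has not changed
  else
    # Address changed: replace the old rule with one for the new address
    ufw delete allow from "$Old_IP" proto tcp to any port "$PORT"
    ufw allow from "$Current_IP" proto tcp to any port "$PORT"
    echo "$Current_IP" > "$LOGFILE"
    echo ufw have been updated
  fi
fi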

source: Using UFW with Dynamic IP hostnames like dyndns.org

With this script saved you could create a crontab entry like so in the file /etc/crontab:

*/5 * * * * root /etc/ufw_update.bash > /dev/null 2>&1

This entry runs the script every 5 minutes and checks whether the IP address assigned to the hostname has changed. If it has, the script creates a new rule allowing the new address and deletes the old rule for the old IP address.
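
The script hands whatever `dig +short` prints to `ufw`, and that output can be empty, start with a CNAME target, or list several addresses. The following is an added example, not part of the original answer: the helper names `is_ipv4` and `pick_single_ipv4` and the sample values are made up here, and it covers IPv4 only. It accepts a lookup result only when it contains exactly one well-formed address.

```shell
#!/bin/sh
# Added example: vet `dig +short` output before it reaches ufw.
# is_ipv4 and pick_single_ipv4 are hypothetical helper names.

# Succeeds only for a dotted quad with four octets in the range 0-255.
is_ipv4() {
  case $1 in
    ''|*[!0-9.]*|.*|*.) return 1 ;;   # empty, stray characters, edge dots
  esac
  old_ifs=$IFS; IFS=.; set -- $1; IFS=$old_ifs   # split on dots
  [ $# -eq 4 ] || return 1
  for octet in "$@"; do
    case $octet in
      ''|????*|0?*) return 1 ;;       # empty, over 3 digits, leading zero
    esac
    [ "$octet" -le 255 ] || return 1
  done
}

# Prints the one address found in raw `dig +short` output ($1).
# Returns 0 for exactly one address, 1 for none, 2 for several.
pick_single_ipv4() {
  count=0; picked=
  while IFS= read -r line; do
    # CNAME targets, ";;" diagnostics and blank lines are skipped here.
    if is_ipv4 "$line"; then
      count=$((count + 1)); picked=$line
    fi
  done <<EOF
$1
EOF
  case $count in
    0) return 1 ;;
    1) printf '%s\n' "$picked" ;;
    *) return 2 ;;   # ambiguous result: refuse instead of guessing
  esac
}

# Constructed sample: a CNAME target followed by one A record.
sample='home.example.net.
203.0.113.7'
if ip=$(pick_single_ipv4 "$sample"); then
  echo "would run: ufw allow from $ip proto tcp to any port 22"
else
  echo "lookup rejected, firewall left unchanged" >&2
fi
```

Leading zeros are rejected because some address parsers read such octets as octal, which would make the rule match a different address than the one shown.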

  • Last modified: 6 years ago
  • by Thomas Große