Firewalld on CentOS 7 with dynamic IP

I wanted to allow my home IP on many more ports than the standard ones.

Therefore, I searched for a solution to allow a DNS name in firewalld.

Is that not possible? It is, with a small script that I wrote and want to share.

First, you need a dynamic DNS provider for your home IP, such as http://freedns.afraid.org/

Then you create a file with my script and edit the hostname.

Also, make it executable.

Copy/paste this:

#!/bin/bash
date
#get new IP (edit the hostname)
myipnew=$(dig +short YOUR-DNS-NAME-HERE)
echo "$myipnew"
#stop if the lookup returned nothing, so the current rule stays in place
if [ -z "$myipnew" ]
then
  echo "lookup failed"
  exit 1
fi

#check if file already there if not, create it and allow the current IP
if [ -r /run/myip ]
then
  echo "file there"
else
  echo "file not there"
  echo "$myipnew" > /run/myip
  firewall-cmd --zone=public --add-rich-rule='rule family="ipv4" source address="'"$myipnew"'" accept'
fi

#get old IP
myipold=$(</run/myip)
echo "$myipold"

#compare new and old ip, do nothing if nothing changes, remove old ip and allow new IP if IP has changed

if [ "$myipold" = "$myipnew" ]
then
  echo "same IP"
else
  echo "diff IP"
  firewall-cmd --zone=public --remove-rich-rule='rule family="ipv4" source address="'"$myipold"'" accept'
  firewall-cmd --zone=public --add-rich-rule='rule family="ipv4" source address="'"$myipnew"'" accept'
  echo "$myipnew" > /run/myip
fi

Now add a cron job like this, running every hour (the line includes a user field, so it belongs in /etc/crontab or a file under /etc/cron.d):

0 * * * * root /home/user/MyIP.sh >> /var/log/myip.log
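
An added example, not part of the original script: `dig +short` can print nothing, a CNAME target line, or several addresses, so this sketch accepts a lookup result only when it holds exactly one well-formed IPv4 address and otherwise leaves the existing rule alone. The function names `pick_ipv4`, `plan_update` and `demo` are hypothetical, the sample lookup results are constructed from documentation address ranges, and the firewall-cmd commands are printed rather than executed.

```bash
#!/bin/bash
# Added example: validate "dig +short" output before it reaches firewall-cmd.
# pick_ipv4, plan_update and demo are hypothetical names; addresses are constructed.

# Print the one IPv4 address found in the dig output given as $1.
# Lines that are not a dotted quad (CNAME targets, dig error text) are
# ignored. Fails unless exactly one address remains, or if an octet
# is above 255.
pick_ipv4() {
  local line o found="" count=0
  while IFS= read -r line; do
    [[ $line =~ ^([0-9]{1,3})\.([0-9]{1,3})\.([0-9]{1,3})\.([0-9]{1,3})$ ]] || continue
    for o in "${BASH_REMATCH[@]:1}"; do
      (( 10#$o <= 255 )) || return 1
    done
    found=$line
    count=$((count + 1))
  done <<< "$1"
  [ "$count" -eq 1 ] || return 1
  printf '%s\n' "$found"
}

# Print the firewall-cmd calls that move the allow rule from the old
# address ($1, empty on first run) to the new one ($2). Prints nothing
# when the address has not changed. Commands are printed, not executed.
plan_update() {
  local old=$1 new=$2 rule='rule family="ipv4" source address="%s" accept'
  [ "$old" = "$new" ] && return 0
  if [ -n "$old" ]; then
    printf "firewall-cmd --zone=public --remove-rich-rule='$rule'\n" "$old"
  fi
  printf "firewall-cmd --zone=public --add-rich-rule='$rule'\n" "$new"
}

# Constructed lookup results: CNAME plus address, empty answer,
# two addresses, and an out-of-range octet.
demo() {
  local old="198.51.100.20" out new
  for out in $'home.example.net.\n203.0.113.7' "" \
             $'203.0.113.7\n203.0.113.8' "203.0.113.999"; do
    if new=$(pick_ipv4 "$out"); then
      plan_update "$old" "$new"
    else
      echo "lookup rejected, keeping rule for $old"
    fi
  done
}
demo
```

Only the first sample produces a remove/add pair; the other three are rejected and the rule for the old address is kept.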

 
