I wanted to allow my home IP access to many more ports than the standard set.
Therefore, I searched for a way to allow a DNS name in firewalld.
That is not possible? It is, with a small script I wrote and want to share.
First, you need a dyndns provider for your home IP, like http://freedns.afraid.org/
Then create a file containing my script and replace YOUR-DNS-NAME-HERE with your hostname.
Also, make it executable.
Copy/paste this:
#!/bin/bash
# bash is required: the $(</run/myip) file read below is not POSIX sh
date
#check if file already there if not, create it
if [ -r /run/myip ]
then
    echo "file there"
else
    echo "file not there"
    #resolve the name first so $myipnew is set before the rule uses it
    myipnew=$(dig +short YOUR-DNS-NAME-HERE)
    echo "$myipnew" > /run/myip
    firewall-cmd --zone=public --add-rich-rule='rule family="ipv4" source address="'"$myipnew"'" accept'
fi
#get old IP
myipold=$(</run/myip)
echo "$myipold"
#get new IP
myipnew=$(dig +short YOUR-DNS-NAME-HERE)
echo "$myipnew"
#compare new and old ip, do nothing if nothing changes, remove old ip and allow new IP if IP has changed
if [ "$myipold" = "$myipnew" ]
then
    echo "same IP"
else
    echo "diff IP"
    firewall-cmd --zone=public --remove-rich-rule='rule family="ipv4" source address="'"$myipold"'" accept'
    firewall-cmd --zone=public --add-rich-rule='rule family="ipv4" source address="'"$myipnew"'" accept'
    #store the address the rule was created with, not the result of a second lookup
    echo "$myipnew" > /run/myip
fi
Now add a cron job like this, running every hour (the root user field means the line goes in /etc/crontab or a file under /etc/cron.d):
0 * * * * root /home/user/MyIP.sh >> /var/log/myip.log
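The script hands whatever `dig +short` prints straight to firewall-cmd, so a failed lookup, a CNAME line or several A records would remove the old rule and leave no valid one. The following is an added example, not part of the original script, of a guard that accepts only a single IPv4 address; the function names `is_ipv4`, `pick_ipv4` and `rich_rule` are hypothetical and the addresses in the comments are constructed.

```shell
#!/bin/sh
# Added example: validate `dig +short` output before it reaches firewall-cmd.
# Function names are hypothetical; nothing here calls dig or firewall-cmd.

# Succeeds only for one dotted-quad IPv4 address, each octet 0..255.
# Runs in a subshell ( ... ) so the IFS change does not leak to the caller.
is_ipv4() (
    case $1 in
        ''|*[!0-9.]*|.*|*.|*..*) return 1 ;;   # empty, stray chars (e.g. "/"), bad dots
    esac
    IFS=.
    set -- $1                                  # split into octets
    [ $# -eq 4 ] || return 1
    for octet in "$@"; do
        [ ${#octet} -le 3 ] && [ "$octet" -le 255 ] || return 1
    done
)

# $1 = complete `dig +short` output. Prints the single A record, or fails on:
# empty answers, resolver error text, or more than one address.
# CNAME targets (lines ending in ".") are skipped.
pick_ipv4() {
    found=
    count=0
    while IFS= read -r line; do
        case $line in ''|*.) continue ;; esac
        is_ipv4 "$line" || return 1
        found=$line
        count=$((count + 1))
    done <<EOF
$1
EOF
    [ "$count" -eq 1 ] || return 1
    printf '%s\n' "$found"
}

# Builds the rich rule text the script uses, only for a validated address.
rich_rule() {
    is_ipv4 "$1" || return 1
    printf 'rule family="ipv4" source address="%s" accept\n' "$1"
}

# Use in the script, before the old/new comparison, so a bad lookup
# leaves the existing rule untouched:
#   myipnew=$(pick_ipv4 "$(dig +short YOUR-DNS-NAME-HERE)") || exit 1
```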