arturp web site - dynfw
about
dynfw is a script that controls access to specific port(s) on a server, allowing access for defined hosts with dynamic IP addresses by using a DynDNS service. It requires iptables. The latest version also allows configuring access for static IP entries.

download:
dynfw-0.2.tgz, 11K, 2006-03-21

readme
1. Install

Copy the contents of the etc/ and sbin/ directories to the appropriate place on your system (e.g. /usr/local/etc/ and /usr/local/sbin/).

2. Configure

If required, edit the CONFDIR variable in sbin/dynfw to point to the configuration directory.

There are 2 configuration files used by dynfw: etc/dynfw.conf and etc/dynfw.hosts:

  • etc/dynfw.conf: set general options here, the format is 'option=XXX':

    ports=(num1 num2 ...) - specify the list of port numbers you want to control access to, example:

    port=(21 80)

    chain - name that will be used for dynfw's iptables chain

    dynfw_hosts - path to the file where dynamic hosts are defined

    dynfw_cache - path to the file where the dynfw script will keep its caches

  • etc/dynfw.hosts: define hosts that should get access. Put the lines in the following format for dynamic entries:
    port,your.dynamic-hostname.com,offline_ip

    where "offline_ip" is the IP address that DynDNS will point to when your host is offline. Make sure that your clients set the DynDNS service to point to "offline_ip" when they disconnect from the network. When you execute dynfw, the script grants access to the dynamic IP of your host when it is online, or removes the entry from iptables if DynDNS points to the offline address.

    For static IP entries, enter a line in the following format:

    port,ip_address
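
The decision described above for one dynfw.hosts line, as an added example (not dynfw's own code). The function names, the tcp protocol, the chain value, passing the resolved and cached addresses as arguments, and treating a failed lookup like the offline address are all assumptions of this sketch. It prints the iptables commands instead of running them.

```shell
#!/bin/sh
# Added illustration, not part of dynfw. CHAIN value and "-p tcp" are assumed.
CHAIN=dynfw

# is_ipv4 ADDR: succeed only for a dotted quad with every octet in 0-255.
is_ipv4() {
    case $1 in ''|*[!0-9.]*|.*|*.|*..*) return 1 ;; esac
    old_ifs=$IFS; IFS=.; set -- $1; IFS=$old_ifs
    [ $# -eq 4 ] || return 1
    for o in "$@"; do
        case $o in 0?*|????*) return 1 ;; esac  # leading zeros: some parsers read octal
        [ "$o" -le 255 ] || return 1
    done
}

# plan_entry LINE RESOLVED_IP CACHED_IP
# Prints the iptables command(s) for one hosts line; returns 1 for a rejected line.
plan_entry() {
    resolved=$2 cached=$3
    IFS=, read -r port src offline extra <<EOF
$1
EOF
    [ -z "$extra" ] || { echo "skip: too many fields"; return 1; }
    case $port in ''|*[!0-9]*|0*) echo "skip: bad port"; return 1 ;; esac
    [ ${#port} -le 5 ] && [ "$port" -le 65535 ] || { echo "skip: bad port"; return 1; }
    if [ -z "$offline" ]; then                  # static entry: port,ip_address
        is_ipv4 "$src" || { echo "skip: bad static ip"; return 1; }
        echo "iptables -A $CHAIN -p tcp -s $src --dport $port -j ACCEPT"
        return 0
    fi
    is_ipv4 "$offline" || { echo "skip: bad offline_ip"; return 1; }
    [ -z "$cached" ] || is_ipv4 "$cached" || { echo "skip: bad cache"; return 1; }
    is_ipv4 "$resolved" || resolved=$offline    # failed or malformed lookup: fail closed
    [ "$resolved" = "$cached" ] && return 0     # nothing changed since the last run
    [ -z "$cached" ] || echo "iptables -D $CHAIN -p tcp -s $cached --dport $port -j ACCEPT"
    [ "$resolved" = "$offline" ] || echo "iptables -A $CHAIN -p tcp -s $resolved --dport $port -j ACCEPT"
}

# Constructed sample lines (documentation address ranges):
plan_entry "21,home.example.org,192.0.2.1" "198.51.100.7" ""              # host came online
plan_entry "21,home.example.org,192.0.2.1" "192.0.2.1" "198.51.100.7"     # host went offline
```

Only validated numeric values reach the printed commands, so a malformed line in the hosts file or an unexpected DNS answer is rejected rather than passed to iptables.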

3. Usage

Run 'dynfw' manually when you want to update iptables entries, or via a cron entry like:

*/10 * * * * /usr/local/sbin/dynfw

This will launch dynfw to update iptables entries every 10 minutes.

General dynfw command usage is:

dynfw [ OPTION ]

By default, if no option is specified, dynfw processes the config files plus the cache file and updates iptables entries accordingly.

-h, --help      show usage message
-f, --flush     flush, clean up. Flushes all the created iptables entries, cache files, etc.
-r, --reload    flush and reload all the caches, iptables entries. Execute dynfw -r each time you have modified the configuration files
©2024 Artur Pietruk