Is there a way to use hostname in firewall rules?

[ozgurerdogan]

Is there a way to use hostnames in firewall rules rather than ip ? There are some guides in google but wanted to ask here.

 

[fireon]

Is there a way to use hostnames in firewall rules rather than ip ? There are some guides in google but wanted to ask here.

I think this would be an hard security issue.

 

[ozgurerdogan]

I have found, modified, tested and succeed using following script. I am sure it will help someone elses.

#!/bin/bash
# Keyword is # Dynu in host.fw file. So change accordingly.
# crontab -e : */30 * * * * sh /updateip.sh
# You can use https://www.dynu.com/ service free.

HOSTNAME=YOUR-DYNAMIC-HOSTNAME
NODENAME=YOUR-NODE-NAME
CURRENTIP=/currentip.log

Current_IP=$(host $HOSTNAME | cut -f4 -d' ')

if [ $CURRENTIP = "" ] ; then
    sed -i '/# Dynu/c\IN ACCEPT -source '"$Current_IP"' # Dynu ' /etc/pve/nodes/$NODENAME/host.fw
  echo $Current_IP > $CURRENTIP
else

  Old_IP=$(cat $CURRENTIP)

  if [ "$Current_IP" = "$Old_IP" ] ; then
    echo IP address has not changed
  else
    sed -i '/# Dynu/c\IN ACCEPT -source '"$Current_IP"' # Dynu ' /etc/pve/nodes/$NODENAME/host.fw
    echo $Current_IP > $CURRENTIP
    echo iptables have been updated
  fi
fi