Few days ago, I described how to setup Vuurmuur as an iptables manager for public and vpn interfaces.
Lately I had an aDSL connection, with IP changing every day. As long as I use VPN IP of the server for the most of actions this is not a problem at all, but we use public domain and IP authorisation for our GitLab. In other words, to be able to commit to GitLab, my public IP must be allowed in Vuurmuur.
Let me share the way in which I have resolved it:
1. In vuurmuur_conf I have added "Kuba" host with 188.8.131.52 IP to admin group.
2. On my PC i run following script:
#!/bin/shmyip=`curl -s checkip.dyndns.org|sed -e 's/.*Current IP Address: //' -e 's/<. internet kuba.inet.internet ipaddress vuurmuur_script>
First line uses checkip.dyndns.org to check current public IP.
Second line sends the Vuurmuur command to the server, that updates 'Kuba' host with current public IP.
It's being sent with 'server-cmd' command, which looks like this:
ssh -X [email protected] $1 $2 $3
You can use sshpass or ssh key authorisation to get rid of password prompt.
This script, changed into cronjob, updates the server firewall with my public IP every day.