iptables update hostname in rule
-A INPUT -s dynamichost.com -p tcp -m tcp --dport 22 -j ACCEPT
The rule above will point to an IP address I want to SSH into my server from; it is dynamic and can change.
It seems iptables won't update the actual address even if it has changed until it is restarted. I don't want a cron job that keeps restarting iptables for security reasons.
Anyone have any simple ideas to force iptables to update the hostname in a rule?
I ran across an interesting looking rule here but it doesn't work with my iptables:
iptables -A INPUT -p tcp --dport 22 -m recent --update --seconds 60 --hitcount 4 --rttl \
--name SSH -j LOG --log-prefix "SSH_brute_force "
I'm not an expert, but the "--update" switch looked helpful even though it doesn't seem to be a valid iptables rule :)
Any help will be appreciated.
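
One way to refresh the address without restarting iptables, as an added example that is not part of the original post: iptables resolves a hostname once, when the rule is loaded, so this script keeps the SSH allow rule in its own chain and rewrites only that chain when the name resolves to a new address. The chain name SSH_DYN and the plan/apply arguments are assumptions made for the example.

```shell
#!/bin/sh
# Added example, not from the post. Assumed name: chain SSH_DYN.
# One-time setup as root, replacing the hostname rule from the post:
#   iptables -N SSH_DYN
#   iptables -A INPUT -p tcp -m tcp --dport 22 -j SSH_DYN
HOST="dynamichost.com"        # placeholder name used in the post
CHAIN="SSH_DYN"

# True only for a literal dotted-quad IPv4 address, so nothing else that a
# lookup returns can ever reach the iptables command line.
valid_ipv4() {
    case $1 in ''|*[!0-9.]*) return 1 ;; esac
    o='(25[0-5]|2[0-4][0-9]|1?[0-9]?[0-9])'
    printf '%s\n' "$1" | grep -Eq "^($o\.){3}$o\$"
}

# Print the commands that point the chain at $2 (new IP) given $1 (IP now in
# the chain, may be empty). Prints nothing if unchanged; fails on a bad new IP.
plan_update() {
    valid_ipv4 "$2" || return 1
    [ "$1" = "$2" ] && return 0
    echo "iptables -F $CHAIN"
    echo "iptables -A $CHAIN -s $2/32 -p tcp -m tcp --dport 22 -j ACCEPT"
}

# "plan" prints the commands, "apply" also runs them (from cron, as root).
# A failed lookup changes nothing, so the last good rule stays in place.
case "${1:-}" in
plan|apply)
    new=$(getent ahostsv4 "$HOST" | awk 'NR == 1 {print $1}')
    # The chain itself is the record of which address is currently allowed.
    old=$(iptables -S "$CHAIN" 2>/dev/null |
          awk '$1 == "-A" {sub(/\/32$/, "", $4); print $4; exit}')
    cmds=$(plan_update "$old" "$new") || { echo "bad lookup: $HOST" >&2; exit 1; }
    [ -n "$cmds" ] || exit 0
    echo "$cmds"
    if [ "$1" = apply ]; then
        echo "$cmds" | sh -e
    fi
    ;;
esac
```

The allow rule is only as trustworthy as the DNS answer for the name, so it narrows exposure rather than replacing key-based SSH authentication.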