[asterisk-users] Security - Using Linksys PAP2T from outside with a dynamic IP is there anyway to block all other traffic but those of the PAP2T?

bruce bruce bruceb444 at gmail.com
Sun Oct 3 11:27:33 CDT 2010 

Thanks for the input guys.

So, the IP is resolved only when IPTABLES is loaded or reloaded. Therefore,
the best approach would be to ping the hostname every let's say 3 seconds
and see if the IP is still the same and if it is then move on, otherwise
update the iptables with the new IP address. This sounds it would work but I
am not sure how fast DynDns can resolve the IP for me (delay) and I am
looking to connect 40 PAP2T to this system. So, all in all that is 40
queries to DynDNS each 3 seconds.

As I mentioned earlier, wouldn't it be more solid if I run my own Dynamic
DNS server on the same box as Asterisk (is that even possible?) and what
sort of other security holes would I be exposing doing that?

Thanks again for all the great input.

-Bruce

On Sun, Oct 3, 2010 at 8:01 AM, Steve Edwards <asterisk.org at sedwards.com>wrote:

> On Sat, 2 Oct 2010, Kyle Kienapfel wrote:
>
> > You're not going to be able to put a dns hostname in the iptables, but
> > you could have a script that runs at times and gets the ip address for
> > your dynamic hostname and allows that.
>
> Almost.
>
> You can put a host name in iptables, but it is resolved when loaded.
>
> You could restart iptables when your dynamic host name changes and it will
> be resolved correctly with the new IP address.
>
> --
> Thanks in advance,
> -------------------------------------------------------------------------
> Steve Edwards       sedwards at sedwards.com      Voice: +1-760-468-3867 PST
> Newline                                              Fax: +1-760-731-3000
>
> --
> _____________________________________________________________________
> -- Bandwidth and Colocation Provided by http://www.api-digital.com --
> New to Asterisk? Join us for a live introductory webinar every Thurs:
>               http://www.asterisk.org/hello
>
> asterisk-users mailing list
> To UNSUBSCRIBE or update options visit:
>   http://lists.digium.com/mailman/listinfo/asterisk-users
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.digium.com/pipermail/asterisk-users/attachments/20101003/0d4943a9/attachment.htm

More information about the asterisk-users mailing list