How do I whitelist a dynamically changing application sync server IP?
I have a VM for which I have a specific whitelist-only firewall. It is supposed to only allow connections to the IPs an app connects to when syncing.
I first got the sync server IPs by listening with tcpdump, then when I had the IPs I activated the whitelist.
This worked perfectly for some time, but now it appears that the IPs have changed. I could do the same thing again, but repeating the process regularly is annoying and defeats the whole purpose of only ever allowing network connections to specific whitelisted servers.
Alternatively, I could set up a process to only allow network traffic from that app somehow.
What you would have to do is set up dynamic DNS on the machines you want to whitelist (you can use Duck DNS or buy a domain and use Cloudflare). From there, it depends on how you are whitelisting and whether it supports hostnames. For example, if you are using ufw, you can write a bash script that runs every few minutes, grabs the IPs by resolving those hostnames, and updates the entries.
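
One way to write the periodic script the answer above describes, as an added example that is not part of the original thread. The hostname `sync.example.com` and the state-file path are assumed placeholders, and the rules are outbound allows because the question is about the VM connecting out to its sync servers.

```shell
#!/bin/sh
# Added example, not from the thread. Hostname and state path are assumed placeholders.
SYNC_HOST="${SYNC_HOST:-sync.example.com}"
STATE="${STATE:-/var/lib/ufw-sync-allow.ips}"

# Resolve a hostname to its IPv4 addresses, one per line.
resolve_ipv4() {
    getent ahostsv4 "$1" | awk '{print $1}' | sort -u
}

# Pass through only dotted-quad-shaped lines, so resolver output can never
# put anything but digits and dots on the ufw command line.
valid_ipv4() {
    grep -E '^([0-9]{1,3}\.){3}[0-9]{1,3}$' | sort -u
}

# plan_changes OLD NEW: print the ufw commands that turn rule set OLD into NEW.
# An empty NEW means resolution failed: print nothing and return 1, so a DNS
# outage never strips the existing allow rules.
plan_changes() {
    old=$(printf '%s\n' "$1" | valid_ipv4)
    new=$(printf '%s\n' "$2" | valid_ipv4)
    [ -n "$new" ] || return 1
    for ip in $new; do
        printf '%s\n' "$old" | grep -qxF "$ip" || echo "ufw allow out to $ip"
    done
    for ip in $old; do
        printf '%s\n' "$new" | grep -qxF "$ip" || echo "ufw delete allow out to $ip"
    done
}

# Invoked as root from cron or a systemd timer with --apply.
if [ "${1:-}" = "--apply" ]; then
    previous=$(cat "$STATE" 2>/dev/null)
    current=$(resolve_ipv4 "$SYNC_HOST")
    plan=$(plan_changes "$previous" "$current") || {
        echo "no valid address for $SYNC_HOST; rules left unchanged" >&2
        exit 1
    }
    # Record the new set only if every ufw command succeeded.
    printf '%s\n' "$plan" | sh -e && printf '%s\n' "$current" | valid_ipv4 > "$STATE"
fi
```

With this in place the allowlist is only as trustworthy as the resolver answering for that name, so the VM's DNS path needs the same care as the firewall rules.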