We help IT Professionals succeed at work.

How can I use no-ip.org dns to update iptables for remote access with Linux router

jcgreer asked
Last Modified: 2010-04-21
Hello, I have a linux box that is a router/gateway running iptables rule sets. I have setup a dynamic dns account at www.no-ip.org. This runs a client on my laptop that updates my record at no-ip.org with my current ip address (ie. fred.myvnc.com = xxx.xxx.xxx.xxx).
What I would like to do of course, is have my iptables firewall update with my ip address from my resolved no-ip dns, and allow my laptop to connect to ssh and remote desktop from where ever I am. And have it update, every 5min? or so.  (Usually at my home or another office (but my concern is that my home ip might change and cause me a problem in the future (or if I am out of town))).  I realize that I would not want to do this from a cyber cafe, but I do not want to have the port open to the world full time either, and that IP would change as soon as I get to the office.
I looked a something called port-knocker, http://www.ducea.com/2006/07/05/how-to-safely-connect-from-anywhere-to-your-closed-linux-firewall/ 
 that looked interesting, but I would rather have it more 'automatic' that I do not need to really do anything special to initiate this (aside from the no-ip.com stuff (which I already use for my home stuff))
Watch Question

Try this, its for Ubuntu, but it should apply to you



Thanks for the reply.  However, let me add some more detail. I am trying to go the other way around.
The server is at my office and has a static ip address already.
My current configuration is working with remote desktop to my windows boxes and ssh to the server from my house (fortunately they do not change my ip address that often (but when they do.. of course it is 2am and I have to drive into the office)).
I need to be able to connect to ssh on that server with my laptop from my house or out of town, or from my dynamic ip on a SprintPCS broadband card.
So all I need is the server to lookup my no-ip.com address and rewrite the iptables rules from my (now) current ip address. So I can use it from anywhere, but I do not want the server to accept ssh from just any ip address in the world.

Solution Architect
Unlock this solution and get a sample of our free trial.
(No credit card required)
Gabriel OrozcoSolution Architect

any news?


Very complete!, code worked first time without change (except for my noip address), also included instructions for adding to cron (nice, makes a complete answer, so readers would not have to then go look that up).
Thank you!
Unlock the solution to this question.
Thanks for using Experts Exchange.

Please provide your email to receive a sample view!

*This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.


Please enter a first name

Please enter a last name

8+ characters (letters, numbers, and a symbol)

By clicking, you agree to the Terms of Use and Privacy Policy.