[FEATURE REQUEST] extension to hosts & dynamic DNS capability

Hi All,

A feature request if I may please? I did search but threads didn’t seem to match what I had in mind.

Presently in Firewall > Firewall Groups > hosts it is possible to
identify a host by its IP or MAC, but for source routing it would
also be nice to route / filter on source domain name - particularly if
that source domain matches a specific DDNS entry.

The sort of thing I seek to enable is

SOURCE: Somehost.no.ip.com
SOURCE PROTOCOL: TCP
FORWARD IP: 192.168.x.x
FORWARD PORT: XXYY

I envision this implemented as a 2 part GUI modification:

  1. To add “Domain” as a host type in
    Firewall > Firewall Groups > hosts

  2. As an augmentation of the Dynamic DNS service page
    to add lists of hosts that the user wishes the firewall to track

    e.g. to have a new section of the DDNS page that displays:

       CLIENT HOST                 FREQUENCY    COMMENT
       someserver.servehttp.com    15m          freds server
       otherserver.myddns.org      15m          teds server

To avoid caching the entire global DNS (!) I propose that the system only tracks domain names that are referenced in either page, reducing the total
network and server overhead.

The goal here is to only allow hosts from specific domain names to get inbound port responses from RED such that

someserver.servehttp.com can be port forwarded or blocked
portscanner.thehack.net doesn’t even get a port response

Feasible? I would love to see this added in a future release - it would be a game changer for me and several friends who all have dynamic IPs.

Here's hoping!

Regards

BB

I guess firewall rules work with IP and MAC and not with DNS, which is an upper layer, so this could be hard to do?!

Greetz


If you give an FQDN to the firewall (iptables), it will resolve it before applying it with an IP address. It is feasible to set up a monitor to reapply the rule if the IP address changes. This approach suits individual rules better than firewall groups as you need to test each FQDN individually. However, how do you cope with FQDNs that return multiple IP addresses?


Or none.
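The monitor described in the reply above (resolve the FQDN, reapply when the address changes) sketched as an added example; this is not IPFire's own code. It assumes the rule matches an ipset named `ddns_allow` (e.g. `iptables -A INPUT -p tcp --dport 443 -m set --match-set ddns_allow src -j ACCEPT`), keeps every address a multi-A-record name returns, and treats an empty answer as a transient failure so the allow-list is not wiped.

```python
"""Keep an ipset in sync with the addresses a DDNS hostname resolves to.

Example code for the thread above, not part of IPFire. Set name, ipset usage
and the iptables rule that references it are assumptions.
"""
import socket
import subprocess


def resolve_ipv4(fqdn):
    """Return the set of IPv4 addresses fqdn resolves to now (empty on failure).

    Note: every address the resolver hands back ends up in the allow-list, so
    this is only as trustworthy as the resolver answering the query.
    """
    try:
        infos = socket.getaddrinfo(fqdn, None, socket.AF_INET)
    except socket.gaierror:
        return set()
    return {info[4][0] for info in infos}


def plan_update(current, resolved):
    """Return (to_add, to_remove) that turns the current set into resolved.

    An empty resolution (NXDOMAIN, timeout, DDNS client offline) is treated as
    "no information": keep the existing entries rather than emptying the set.
    """
    if not resolved:
        return set(), set()
    return resolved - current, current - resolved


def ipset_commands(set_name, to_add, to_remove):
    """Build the ipset invocations for one update; -exist makes them idempotent."""
    cmds = [["ipset", "add", set_name, ip, "-exist"] for ip in sorted(to_add)]
    cmds += [["ipset", "del", set_name, ip, "-exist"] for ip in sorted(to_remove)]
    return cmds


def sync(set_name, fqdn, current, resolve=resolve_ipv4, run=subprocess.run):
    """One monitor tick: resolve, diff against what is loaded, apply, return new state.

    Run this from cron at the per-host frequency the GUI mock-up proposes (15m).
    """
    to_add, to_remove = plan_update(current, resolve(fqdn))
    for cmd in ipset_commands(set_name, to_add, to_remove):
        run(cmd, check=True)
    return (current | to_add) - to_remove
```

The `resolve` and `run` parameters exist so the diff logic can be exercised without touching the network or the live firewall.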
This would be a major security concern because DNS in general cannot be trusted. It would be too easy to forge a malicious response and therefore open firewall access to arbitrary IP addresses.
