Hi, is there a way to limit external source in port forwarding to a domain instead of IP adress ? I have a multiple IP adresses domain that has to connect to a device on my LAN. Setting up IP’s manually doesn’t solve the problem becouse the IP’s change sometimes.
Hello,
Straight to the point - by normal means, this is not possible, no. The approach you’d have to take is using a Custom script, which, I’d like to mention, is not something we write for our clients, we’re able to help you get on track though!
The logic behind this would be to write a script that pings your website every x amount of seconds/minutes/hours, and the IP address it gets in return should then be saved in a variable. For example, you can have the script run nslookup google.com where you then would get a response similar to this:
You save the Address 1 into a variable X and then append it into your API call, which would look something like so:
api put /firewall/port_forwards/config/45 '{"data":{"enabled":"0","proto":["tcp","udp"],"src_dport":"8080","dest_ip":"192.168.1.1","dest_port":"80","src":"wan","name":"Testulis",".type":"redirect","dest":"lan","reflection":"1","src_mac":[],"src_ip":[],"src_port":[],"src_dip":"","helper":"","extra":""}}'
The one you want to be changing is the dest_ip. Of course, your API call will look a tad bit different, depending on what zone to which zone you’re forwarding, what ports you’re using, etc.
As for examples regarding user custom scripts, you can view some examples here to get you on track: User Scripts examples - Teltonika Networks Wiki
Hopefully, that answers your questions.
M.
Hi again,
Slight correction - since you mentioned “external source” - perhaps you’ll need a source IP instead of the destination one, in that case, the call would look something like this:
'{"data":{"enabled":"0","proto":["tcp","udp"],"src_dport":"8080","dest_ip":"192.168.1.1","dest_port":"80","src":"wan","name":"Testulis",".type":"redirect","dest":"lan","reflection":"1","src_mac":[],"src_ip":["YOUR_DOMAIN_IP_ADDRESS"],"src_port":[],"src_dip":"","helper":"","extra":""}}'
Right under src_ip.
Another note, my call was /firewall/port_forwards/config/45, the number at the end will most likely be different for you. You can check the calls being made by pressing F12 on your keyboard, opening the developer console for your browser, heading to the Network tab, and finding the call once you save an option under port forwards, you will see the full payload there.
Regards,
M.