Dynamic DNS Port Forward SmoothWall Mod.
Preface
This is the Installation, Documentation, and Distribution point for Perceptus’ Dynamic DNS Hostname Port Forwarding Modification for SmoothWall Express 3.0. This document is split into several pages. You can skip to the appropriate page by clicking on the subpage on the right.
Previous versions of this SmoothWall customization for earlier versions of SmoothWall, including SmoothWall Express 2 are on the website of one of Perceptus’ finest employees, Leonard Chan, see the SmoothWall Express 2 DDNS Modification on Leonard Chan’s Web Mistake. It is now provided by Perceptus Solutions Inc. at no cost and with absolutely no warranties to you or anyone else who uses or reads this set of pages.
Introduction
This document will help you modify a SmoothWall firewall to allow the creation of port forwarding rules by hostname rather than IP address. Moreover, the rules will, with a modest time delay, adjust themselves to changing host IP addresses. In other words, you can create rules for machines that have dynamic DNS host names from services such as dyndns.org, yi.org, and dynip.org.
Possible uses for this modification include giving employees the ability to connect to your LAN from outside the office network to use VPN, Remote Desktop, POP3, or whatever. This is a compromise between locking down external access completely and opening ports to the world – hopefully paired with application level authentication. If you have doubts about the security of your server software such as VNC or Remote Desktop or POP3, or if you doubt the security of your user passwords, then this mod could be for you.
Please be aware of the pros and cons of modifying your SmoothWall firewall with these instructions.
Now, if you are still interested:
Use this document at your own risk.
Perceptus Solutions Inc., it’s employees, it’s customers, and everyone else provide no warranties whatsoever to the Dynamic DNS Port Forward SmoothWall Modification.
Your firewall may develop leaks, break, burn, and generally destroy your business and/or life.
You take all responsibility for your actions and will hold Perceptus and the other aforementioned completely harmless.
So on and so forth.
While we’re on the subject of legal mumbo jumbo, all files distributed for this modification inherit the GPL license from SmoothWall. Feel free to share it and improve it. We do not officially provide free support, however, you can try the Perceptus forums.
A modified SmoothWall has been installed at one of our client’s sites since 2004. It is connected to an ADSL line with half a dozen remote access (RDP and VNC) users and it seems to work. They use DDNS names from dyndns.org. Your mileage may vary. Several others have installed the modification, in fact, recent updates have been graciously sponsored by Jos Moonen. — Thanks Jos!
If you have questions please post them in the Dynamic Hostname Port Forwarding Rule SmoothWall Mod forum. Please use the forum, rather than trying to email anyone at Perceptus. If you want to take your chances with email, you can try contacting info@perceptus.ca.
Continuing From Here
- Go straight to the downloads and instructions: Quick and Dirty Implementors Guide
- A bunch of notes on compiling and tools for SmoothWall work: Random SmoothWall Modification Development Note
- A change log that provides some history: SmoothWall DDNS Change Log
- Source files: DDNS Modification Source Files
March 12th, 2009 at 11:01 pm
Does it work with Smoothwall Express 3.0 SP1?
March 13th, 2009 at 10:28 am
Hi Isaac. Not sure, I haven’t tested it yet.