Home
Help
Search
Login
Register
OPNsense Forum
»
Archive
»
22.7 Legacy Series
»
Dynamic DNS-Alias (e.g. github.com)
« previous
next »
Print
Pages: [
1
]
Author
Topic: Dynamic DNS-Alias (e.g. github.com) (Read 860 times)
moe
Newbie
Posts: 31
Karma: 0
Dynamic DNS-Alias (e.g. github.com)
«
on:
November 17, 2022, 03:12:15 pm »
Hi,
I have few hosts for developing and I wan't to isolate them from the whole internet, just only github.
So can you tell me, is there any way like on Checkpoint or Palo or some kind of firewalls to place i firewall-Rule where the destination is an objekt called *.github ?
And in the Background it makes a Reverse-Lookup for the DNS-Entrys and Puts them in the Alias-List?
Thanks for Feedback.
Kind regards
Logged
Vilhonator
Full Member
Posts: 245
Karma: 13
Re: Dynamic DNS-Alias (e.g. github.com)
«
Reply #1 on:
November 18, 2022, 12:56:17 am »
According to github, you need to create alias "github.com" and allow TCP ports 22, 80, 443, and 9418.
https://docs.github.com/en/authentication/keeping-your-account-and-data-secure/about-githubs-ip-addresses
Logged
Vilhonator
Full Member
Posts: 245
Karma: 13
Re: Dynamic DNS-Alias (e.g. github.com)
«
Reply #2 on:
November 18, 2022, 01:14:13 am »
Anyways, if this is any help, for github you only need to allow traffic from IP ranges listed at:
https://api.github.com/meta
Opnsense won't be able to fetch those using the link (at least didn't work for me), but there is a way to fetch them somehow (or just add them manually if all else fails)
Logged
Print
Pages: [
1
]
« previous
next »
OPNsense Forum
»
Archive
»
22.7 Legacy Series
»
Dynamic DNS-Alias (e.g. github.com)
