I use the firewalls to block SSH from all but our employee IPs. However, those IPs change weekly, and I end up having to maintain a map and it's really confusing. I'd like to have a way to name them so I can easily update them.
Different ways I've done this with traditional firewalls:
• Create one SSH rule per person and name the rule
• Create a named machine with an IP for each person, and add all those machines to the SSH rule
Please please please let me know if this is something you can accommodate in the future.
I agree with this, maybe allow named address lists (which contains IP addresses that you can easily update) , so that you can reference an address list by name in your DO FW rule.
Even better, allow us to specify DNS entries as "IPs" (and maybe DO resolves them every 30m or something) . alot of HW firewalls support this (and i use it often).
Something has to be done as the current method of entering IP addresses is really bad and slow (and awkward, you cant copy / paste, you cant enter IPs or ranges quickly either).
thanks
Attachments Open full size
You should probably use the api.
Attachments Open full size
An approach I've seen elsewhere is to allow tags at the rule level.
Also, a description box at the firewall level would be helpful as well.
Attachments Open full size