DDNS Firewall Holes
Submitted by TuxInvader on Fri, 07/14/2006 - 22:48
One method I've used for accessing my home box from the interweb is to use a dynamic DNS account. I have a script that is run from cron that does a lookup on a certain hostname and updates an iptables chain whenever the IP changes.
I don't need to leave SSH open, I just carry the username/password for the ddns account and update it whenever I need access from somewhere. Within a few minutes a hole is opened through the firewall and I can log in.
The script allows you to add multiple hostnames and multiple ports, and you should be able to modify it easily to suit your requirements.
It's a good idea to reset the IP on the DNS account to a trusted host when you've finished, so the hole does not stay open for the address you were last using.
You will need to create a NetFilter chain with a return rule at the end and jump into it from the INPUT chain. Once that's done, ddnsholes will do the rest.
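The chain setup and the update step described above, as an added sketch that is not the ddnsholes.sh script itself. The chain name DDNSHOLES, the function names, the TCP-only rules, the hostname and the state-file path are all assumptions. The point it adds is that the DNS answer is validated as an IPv4 literal before it gets anywhere near an iptables command line.

```shell
#!/bin/sh
# Added example; chain name, function names and state path are assumptions.
CHAIN="DDNSHOLES"

# One-time setup, as root: a chain that ends in RETURN, jumped into from INPUT.
#   iptables -N DDNSHOLES && iptables -A DDNSHOLES -j RETURN
#   iptables -A INPUT -j DDNSHOLES

# Accept only a dotted-quad IPv4 literal (octets 0-255, no leading zeros), so a
# malformed or hostile DNS answer is never interpolated into a firewall command.
valid_ipv4() {
    case "$1" in ''|*[!0-9.]*|.*|*.|*..*) return 1 ;; esac
    old_ifs=$IFS; IFS=.; set -- $1; IFS=$old_ifs
    [ $# -eq 4 ] || return 1
    for o in "$@"; do
        case "$o" in 0?*) return 1 ;; esac
        [ ${#o} -le 3 ] && [ "$o" -le 255 ] || return 1
    done
    return 0
}

# Print the commands that move the hole from OLD to NEW for each TCP port.
# Prints nothing if the address is unchanged; fails if either address is invalid.
update_cmds() {
    old=$1 new=$2; shift 2
    valid_ipv4 "$new" || { echo "refusing address: $new" >&2; return 1; }
    [ -z "$old" ] || valid_ipv4 "$old" || return 1
    [ "$old" = "$new" ] && return 0
    for port in "$@"; do
        # Remove the rule for the previous address, if there was one.
        [ -n "$old" ] && echo "iptables -D $CHAIN -s $old -p tcp --dport $port -j ACCEPT"
        # Insert at position 1 so the new rule sits above the closing RETURN.
        echo "iptables -I $CHAIN 1 -s $new -p tcp --dport $port -j ACCEPT"
    done
}

# Cron usage (constructed hostname and state path):
#   new=$(getent ahostsv4 home.example.org | awk 'NR==1{print $1}')
#   old=$(cat /var/run/ddnsholes.ip 2>/dev/null)
#   cmds=$(update_cmds "$old" "$new" 22) && echo "$cmds" | sh \
#       && echo "$new" > /var/run/ddnsholes.ip
```

Because the functions only print commands, the output can be reviewed before it is piped to `sh` as root.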
Download the shell script ==> ddnsholes.sh
License: GNU GPL Version 2
Copyright: Mark Boddington 2005
If you want a more secure method using GPG protected email take a look at GPGSesame