Plan icon indicating copy to clipboard operation
Plan copied to clipboard

Published 20 hours ago verified publisher icon plan-player-analytics

Dynamic DNS support for the new IP whitelist

Open iperrealistico opened this issue 5 years ago • 4 comments

Would be cool if the newly added IP whitelist could be able to resolve dynamic dns systems like no-ip or duck dns, for the ones that do not have a static ip address! This would be a great security feature... just open your ddns software and you are able to log in to plan.

iperrealistico avatar Jun 21 '20 21:06 iperrealistico

Looks simple enough to implement, as Java can do the DNS lookup with InetAddress#getHostAddress.

Do the dynamic IPs change often, i.e. can the addresses be resolved just once on enable or do they have to be constantly updated?

AuroraLS3 avatar Jun 22 '20 06:06 AuroraLS3

Good question, there is no 100% trustable rule on that. It varies a lot. If the DNS resolution task takes time to be done it could be exploited with a ddos attack or something like that. Maybe implement a short term cache, nothing too long tho. Some minutes? Or maybe set a cap on how many dns resolve tasks can be done per second? Don't know 😛

iperrealistico avatar Jun 22 '20 08:06 iperrealistico

After consideration automated whitelist implementations have been deemed out of scope.

AuroraLS3 avatar Jun 22 '21 15:06 AuroraLS3

Reopened this since there was another request

https://docs.oracle.com/javase/7/docs/api/java/net/InetAddress.html#getAllByName(java.lang.String) can be used.

Note that the dynamic IPs listed in the config will need to be refreshed in the whitelist that is held in memory periodically.

AuroraLS3 avatar Jan 04 '22 15:01 AuroraLS3