By pipentassle
I am trying to configure my droplet’s Shorewall firewall to use the floating IP, but only for certain kinds of traffic. I’d like to use the droplet’s public IP for other kinds of traffic. Specifically:
Public IP: HTTP and HTTPS open; SMTP and IMAP closed. Floating IP: SMTP and IMAP open; HTTP and HTTPS closed.
I’m just not sure how to do this. I know the droplet’s anchor IP and have a general understanding for how the Floating IPs work, but I’m lost beyond that.
I know that many of you are smarter than I am, so I’m hoping you can walk me through this in a dumbed-down fashion. Thank you in advance for whatever help you can provide!
This textbox defaults to using Markdown to format your answer.
You can type !ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!
Hi,
The floating IP is what the world sees externally but for software running on the droplet, there is what’s known as an “Anchor IP” - I think this is what you need.
Lots more info on this topic here: https://www.digitalocean.com/community/questions/send-outbound-traffic-over-floating-ip
The tl;dr is to find your anchor IP by running this command from your droplet:
curl -s http://169.254.169.254/metadata/v1/interfaces/public/0/anchor_ipv4/address
Then use the IP that it returns in your Shorewall configuration.
Hope this helps! Let us know how it turns out.
Become a contributor for community
Get paid to write technical tutorials and select a tech-focused charity to receive a matching donation.
DigitalOcean Documentation
Full documentation for every DigitalOcean product.
Resources for startups and AI-native businesses
The Wave has everything you need to know about building a business, from raising funding to marketing your product.
The developer cloud
Scale up as you grow — whether you're running one virtual machine or ten thousand.
Get started for free
Sign up and get $200 in credit for your first 60 days with DigitalOcean.*
*This promotional offer applies to new accounts only.