Post History

It depends on a couple of factors:

 1. Whether the interface is directly connected to the internet, or is behind a separate firewall which is forwarding on to your machine
 2. What you are using to assign your dynamic address

If your machine is behind a separate firewall, _that_ device is one which gets its WAN interface IP dynamically from your ISP.  To access from the outside, you would typically configure the DNAT on that firewall and forward to your machine, which would _usually_ be assigned a _static_ (or DHCP-reserved) address in your internal LAN (so the firewall has a consistent place to forward the traffic to).

To cover if/when the ISP-assigned dynamic WAN address address changes, you would usually subscribe to a Dynamic DNS service (e.g. https://freedns.afraid.org/), which will automatically update a DNS record for you, when your address changes.  This is managed either by installing the DDNS-provider's script onto your machine and scheduling it to poll the DDNS-provider's server/API every few minutes.  Some firewalls have the facility to run the script for you without polling, by subscribing to events baked into the firewall device.

If it is the interface on _your_ machine that is directly changing, then you have to hook into your DHCP client's facilities to kick off a script which updates your local firewall rules:

 * For __ISC__, there should be an `/etc/dhclient.conf` file which contains a JSON-like block representing your interface.  That block can contain a `script` directive which points to the path of a custom script which runs for all events.  The `dhclient` daemon passes specific arguments to the script, including the event name and new IP address.  Your script would parse the arguments and update your NAT rules.  Details of the mechanism can be found at https://linux.die.net/man/5/dhclient.conf and https://linux.die.net/man/8/dhclient-script.

 * For __systemd__, there should be an associated `networkd-dispatcher` service; this typically has an `/etc/networkd-dispatcher` directory containing subdirectories which reference the various states.  You would place your custom script into the subdirectory which best applies (possibly `routable.d`) and it would run when the network changes to that state.  I _think_ the details are passed to your script by environment variables.  Some limited info can be found at https://manpages.ubuntu.com/manpages/focal/man8/networkd-dispatcher.8.html.

 * For __NetworkManager__, it typically has an `/etc/NetworkManager/dispatcher.d` directory, where you can place your own scripts.  Each script is invoked by NetworkManager, and passed the name of the interface and an event name as arguments; the rest of the details are in environment variables.  https://developer-old.gnome.org/NetworkManager/stable/NetworkManager.html has more details.

For any other client, or if your address is assigned some other way, you will need to hook whatever _that_ mechanism is.