Quoting Ryan <ryanag@xxxxxxxxxxxxxxxx>:
On Saturday 08 July 2006 1:25 pm, Aleksandar Milivojevic wrote:
Said all this, as manual page says, using host names with iptables is
really bad idea. You never know what you are going to get.
The same is true of IP addresses. Blocking an IP address can block
many domain
names since hosting providers sometimes do name-based hosting.
You are still going to end up blocking the IP address. The (user
space) iptables command will resolve the host name to IP address.
You'll end up with exactly the same rule no matter if you used host
name directly or IP address. The only difference is, in later case
you know exactly what the rule is going to be. When configuring
firewall, you do want to be exact.
--
See Ya' later, alligator!
http://www.8-P.ca/
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos
