Re: Host blocking

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Ok so this configuration will block the ISP proxy both ip address and domain name on the subscribers perspective. thank you very much Jason

Ragrds,

Wennie
----- Original Message ----- From: "Jason Opperisano" <opie@xxxxxxxxxxx>
To: <netfilter@xxxxxxxxxxxxxxxxxxx>
Sent: Tuesday, May 17, 2005 4:44 PM
Subject: Re: Host blocking


On Tue, May 17, 2005 at 04:39:14PM +0300, Wennie V. Lagmay wrote: 
What if they define the ip address instead of domain name? How can I
block/accept  both domain name and ip address?


iptables rules only contain IP addresses, not host names.  in my example
rules, proxy.ourcompany.net and proxy.ISP.net represent the IP addresses
for those hosts.  you can use an FQDN in an iptables rule, but the FQDN is
resolved to an IP address (or addresses) at the time the rule is loaded,
and the rule will only use that IP address (or addresses) going forward.

-j

--
"Chris: Dad, what's the blowhole for?
Peter: I'll tell you what it's not for. And when I do, you'll understand
why I can never go back to Sea World."
       --Family Guy



[Index of Archives]     [Linux Netfilter Development]     [Linux Kernel Networking Development]     [Netem]     [Berkeley Packet Filter]     [Linux Kernel Development]     [Advanced Routing & Traffice Control]     [Bugtraq]

  Powered by Linux