> how would a forward to add dynamic ipaddress (how would i tell iptables > about the new number, what can I use) I would recommend that you have your forward rule in a sub-chain of it's own. This way you could write a fairly simple external daemon (shell script) that could flush the sub-chain and insert the new rule. Or if you are really paranoid (not to mention the fact that there is DNS cache timeouts, if you are updating the pointer the old pointer is likely no longer valid, etc) you could insert the new pointer rule at the top of the sub-chain via "-I <sub-chain-name> 1 ..." and then subsequently delete all remaining rules in that sub-chain as it would be used for just that one rule. This will effectively make it safe for a script to work with the chain with out fear of messing up other things in the firewall. > can IPTABLES forward to a host name No. IPTables will only forward to an IP as far as I'm aware of. Grant. . . .
