Jim Laurino wrote:
> Greetings all,
> With an IPTABLES ruleset you can specify an IP address to be
> allowed/blocked:
>     iptables -A INPUT -s 12.12.12.12 -j ACCEPT
> But can this be done with a DNS name?
>     iptables -A INPUT -s www.name.com -j ACCEPT

IPTABLES accepts DNS names, but the DNS lookup is performed
when the rule is placed in the kernel,
not when the rule is evaluated against a packet.
The kernel (netfilter) rules use IP addresses only.
To achieve what you want, I think you would have to
update the rule whenever the DNS mapping changed.

> How can this be done on a per-packet basis, where the IP is checked
> regularly,
> or can the table be flushed and reloaded every hour?
> What would be the negative of doing a reload each hour?
> Thanks in advance
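
One way to do the periodic update the reply describes, as an added example that is not part of the original thread: re-resolve the name and rebuild a single dedicated chain in one commit instead of flushing the whole table. The chain name DNS_ALLOW, the use of getent for lookups and the --apply argument are assumptions of this sketch.

```shell
#!/bin/sh
# Added example. Assumes a dedicated chain (hypothetical name DNS_ALLOW)
# already exists and is referenced from INPUT:
#   iptables -N DNS_ALLOW && iptables -A INPUT -j DNS_ALLOW
CHAIN=DNS_ALLOW

# Strict dotted-quad check so resolver output never reaches the ruleset unvalidated.
is_ipv4() {
    case "$1" in
        ''|*[!0-9.]*|.*|*.|*..*) return 1 ;;
    esac
    old_ifs=$IFS; IFS=.
    set -- $1
    IFS=$old_ifs
    [ $# -eq 4 ] || return 1
    for o in "$@"; do
        case "$o" in ????*) return 1 ;; esac
        [ "$o" -le 255 ] || return 1
    done
}

# Read addresses on stdin, write iptables-restore input that rebuilds only $CHAIN.
# Returns non-zero when no valid address was seen.
build_restore() {
    n=0
    printf '%s\n' '*filter' ":$CHAIN - [0:0]"
    while read -r ip; do
        is_ipv4 "$ip" || continue
        printf '%s\n' "-A $CHAIN -s $ip/32 -j ACCEPT"
        n=$((n + 1))
    done
    printf '%s\n' 'COMMIT'
    [ "$n" -gt 0 ]
}

# Current A records for a name (glibc getent).
resolve_v4() { getent ahostsv4 "$1" | awk '{print $1}' | sort -u; }

# Resolve, then swap the chain contents in one commit; keep old rules on lookup failure.
refresh() {
    rules=$(resolve_v4 "$1" | build_restore) || {
        echo "no usable A records for $1; leaving $CHAIN unchanged" >&2
        return 1
    }
    printf '%s\n' "$rules" | iptables-restore --noflush
}

# Run from cron as root, e.g. hourly: this-script --apply www.name.com
if [ "${1:-}" = "--apply" ]; then refresh "$2"; fi
```

Between runs the chain still holds whatever addresses the last lookup returned, so the refresh interval bounds how long a stale address stays allowed.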