On Mar 20 2007 11:08, Dominic Caputo wrote: > > I currently have an ISP that has multiple address ranges that I > wish to accept in my iptables ruleset. Is it possible for me to use > the DNS Suffix instead of the actual ip as they are currently > dynamically assigned. e.g. iptables -s nsw.bigpond.net.au (current > assigned address is cpe-203-45-103-100.nsw.bigpond.net.au). Not possible*. iptables is handling ip, not dns. > Alternatively if the above is not available would I be able to > setup a dyndns account and get my dsl modem to update the account > and within my iptables config set: iptables -s homegw.dynalias.com See your distro documentation. openSUSE for example accepts custom scripts in /etc/sysconfig/network/if-up.d with which you can call iptables after dial-in. Anyway, not really a netfilter issue. * I refrain from posting possibilities that would end up as Layering Violations. Also, this would be prone to either (a) deadlock or (b) slipthrough. Jan --
