On Tuesday 2010-06-22 20:16, Florian Effenberger wrote: > >[block by DNS] > >If I want to have destination host based rules, how can I do this with >iptables? My current idea is to run a cron job every few minutes to add >the rules again with the changed IPs, but this sounds like an ugly >workaround, and will clutter my user-defined chain heavily. So create another chain. The in-memory table does not know DNS, and rightfully so. >Is there any other approach, other than opening up all traffic to 993 >and 587? SOCKS proxies. -- To unsubscribe from this list: send the line "unsubscribe netfilter" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html