On 09/18/2014 03:50 PM, Lars Dam wrote:
We suffer from DNS lookups with a response IP address which is not existing. Can Iptables check on this?
What is it you actually want iptables to do? Do you want it to check if the IP address that the DNS server responds with exists and is in use? Or..? Maybe the DNS server should be fixed instead of trying to go this way.
Iptables (well, Netfilter) is a packet filter. You can filter packets that match a rule that you define. It can't validate your DNS server's output.
-- Rob
Regards, Lars Dam Manager ICT services -- To unsubscribe from this list: send the line "unsubscribe netfilter" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
-- To unsubscribe from this list: send the line "unsubscribe netfilter" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
