Re: IP Addresses Changed to Hostnames in IPTables

On Mon, 28 Jun 2021 15:57:30 -0400
slow_speed@xxxxxxx wrote:

> I created a ruleset in iptables and it was saved in 
> /etc/iptables.up.rules as expected.  However, when viewing the file, all 
> IP addresses had been translated to hostnames.
> 
> Why would it ever do such a thing, when I had entered them as IP 
> addresses and they would have to be converted to IP addresses anyway?

Here's how it works. One may supply hostnames to iptables/iptables-restore but they will be resolved at the point that the rule/ruleset is loaded into the kernel. If using `iptables -L` to list the currently loaded ruleset, reverse DNS lookups will be performed upon IP addresses before displaying. This behaviour can be suppressed by also using the -n option. As for `iptables -S` and `iptables-save`, neither of these will perform reverse DNS lookups.

In summary, it's not at all clear how you ended up with hostnames in your iptables.up.rules file. Can you reduce this phenomenon to a simple, well-defined test case?

-- 
Kerin Millar
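
Added example (not part of the original message): since hostnames in a ruleset are resolved only when the rules are loaded, a saved file can be audited for them before it is restored. The function name `find_hostname_rules` and the sample ruleset are constructed for illustration; the check assumes IPv4 rules in iptables-save format and does not parse quoted `--comment` strings.

```shell
#!/bin/sh
# find_hostname_rules FILE
# Print "line:value" for each -s/-d/--source/--destination argument that is
# not a numeric IPv4 address (optionally with /prefix or /netmask).
find_hostname_rules() {
    awk '
    # Dotted quad with every octet in 0..255.
    function is_quad(s,    o, i) {
        if (s !~ /^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+$/) return 0
        split(s, o, ".")
        for (i = 1; i <= 4; i++) if (o[i] + 0 > 255) return 0
        return 1
    }
    # Address, address/prefix-length or address/dotted-netmask.
    function is_numeric(addr,    parts, n) {
        n = split(addr, parts, "/")
        if (n > 2 || !is_quad(parts[1])) return 0
        if (n == 1) return 1
        if (parts[2] ~ /^[0-9]+$/) return (parts[2] + 0 <= 32)
        return is_quad(parts[2])
    }
    /^-A / {
        for (f = 1; f < NF; f++) {
            if ($f != "-s" && $f != "-d" && $f != "--source" && $f != "--destination")
                continue
            # -s and -d accept a comma-separated list; check each entry.
            m = split($(f + 1), list, ",")
            for (k = 1; k <= m; k++)
                if (!is_numeric(list[k])) print NR ":" list[k]
        }
    }' "$1"
}

# Constructed sample ruleset (documentation addresses and example.net names).
sample_ruleset() {
    cat <<'EOF'
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -s 192.0.2.10/32 -p tcp -m tcp --dport 22 -j ACCEPT
-A INPUT -s mail.example.net -p tcp -m tcp --dport 25 -j ACCEPT
-A INPUT -s 198.51.100.0/255.255.255.0,ns1.example.net -p udp --dport 53 -j ACCEPT
-A OUTPUT ! -d 203.0.113.7/32 -j ACCEPT
COMMIT
EOF
}

tmp=$(mktemp) && sample_ruleset > "$tmp" && find_hostname_rules "$tmp"; rm -f "$tmp"
```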


