Using DNS names when making iptables rules
Tom Eastep
teastep@shorewall.net
Tue, 8 Jan 2002 13:21:26 -0800
On Tuesday 08 January 2002 01:03 pm, Damien Dye wrote:
> How I do rules with DNS as
> iptables -A INPUT -s <dns> -j ACCEPT
> says "Bad argument"
[root@gateway 1.2]# iptables -N foo
[root@gateway 1.2]# iptables -A foo -s mail.shorewall.net -j ACCEPT
[root@gateway 1.2]# iptables -L foo -n -v
Chain foo (0 references)
 pkts bytes target     prot opt in     out     source               destination
    0     0 ACCEPT     all  --  *      *       206.124.146.177      0.0.0.0/0
[root@gateway 1.2]#
Of course you can't use FQDNs if your current ruleset prohibits access to the
DNS server(s) that are required to resolve them.
-Tom
--
Tom Eastep \ A Firewall for Linux 2.4.*
AIM: tmeastep \ http://www.shorewall.net
ICQ: #60745924 \ teastep@shorewall.net
-------------------------------------------
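
Added example, not part of the original message: the listing above shows the address rather than the name because iptables resolves a hostname once, when the rule is inserted. The sketch below makes that step explicit by turning `getent ahostsv4` output into one rule per address and failing when nothing resolves; the function names and the second sample address are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: shows what a hostname-based rule becomes after resolution.
# It only prints iptables commands; it does not change the running ruleset.

# rules_from_ahosts CHAIN
# Reads `getent ahostsv4 HOST` output on stdin (address in the first column)
# and prints one ACCEPT rule per unique IPv4 address. Returns 1 when no
# address was supplied, which is what happens if the ruleset blocks the
# DNS servers needed to resolve the name.
rules_from_ahosts() {
    chain=$1
    addrs=$(awk '$1 ~ /^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+$/ && !seen[$1]++ { print $1 }')
    if [ -z "$addrs" ]; then
        echo "no addresses: name did not resolve (is DNS allowed?)" >&2
        return 1
    fi
    for ip in $addrs; do
        printf 'iptables -A %s -s %s -j ACCEPT\n' "$chain" "$ip"
    done
}

# Constructed sample in getent's output format. The first address is the one
# in the listing above; 192.0.2.10 is a made-up second record (documentation
# range) to show that several addresses give several rules.
SAMPLE='206.124.146.177 STREAM mail.shorewall.net
206.124.146.177 DGRAM
206.124.146.177 RAW
192.0.2.10      STREAM mail.shorewall.net'

demo() {
    printf '%s\n' "$SAMPLE" | rules_from_ahosts foo
}

demo
```

On a live system the input would come from `getent ahostsv4 mail.shorewall.net | rules_from_ahosts foo`; the rules hold the addresses seen at that moment and do not follow later DNS changes.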