Using DNS names when making iptables rules
S. Shore
sshore@escape.ca
Thu, 10 Jan 2002 15:26:31 -0600 (CST)
On Thu, 10 Jan 2002, Simon Edwards wrote:
> On Tuesday 08 January 2002 22:21, S. Shore wrote:
> > - The name must resolve to a single address. Names that resolve to
> > multiple addresses cause iptables to complain.
>
> Are you sure? I'm quite certain that when a name resolves to more than one IP
> you effectively get multiple rules inserted (one for each IP).
I've tested it now, and you're right. This used to be a problem (iptables
would complain about too many arguments), but it now appears to add a rule
for each address.
Scottie Shore <sshore@escape.ca>
"Experience is that marvelous thing that enables you to recognize
a mistake when you make it again." -- F. P. Jones
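Because a name that resolves to several addresses ends up as one rule per address, as confirmed in the reply above, it can help to do the expansion yourself and review the rules before loading them. The following is an added example, not part of the original message: the function names `resolve_v4` and `rules_from_addrs` are hypothetical, the 192.0.2.x addresses are constructed sample data, and `getent` is assumed to be available.

```shell
#!/bin/sh
# Added example: print one explicit iptables rule per address a name
# resolves to. Rules are printed, not applied, so they can be reviewed.

# resolve_v4 NAME: unique IPv4 addresses for NAME via the system resolver.
resolve_v4() {
    getent ahostsv4 "$1" | awk '{print $1}' | sort -u
}

# rules_from_addrs CHAIN TARGET: read addresses on stdin (one per line) and
# print one "-s ADDR" rule for each unique, well-formed IPv4 address.
rules_from_addrs() {
    chain=$1 target=$2
    sort -u | while IFS= read -r addr; do
        # Reject empty lines, non-numeric input and trailing dots.
        case $addr in
            ''|*[!0-9.]*|*.) continue ;;
        esac
        # Require exactly four non-empty octets, each 0-255.
        oldifs=$IFS; IFS=.; set -- $addr; IFS=$oldifs
        [ $# -eq 4 ] || continue
        ok=1
        for o in "$@"; do
            [ -n "$o" ] && [ "$o" -le 255 ] 2>/dev/null || ok=0
        done
        [ "$ok" -eq 1 ] || continue
        printf 'iptables -A %s -s %s -j %s\n' "$chain" "$addr" "$target"
    done
}

# Live use would be: resolve_v4 host.example | rules_from_addrs INPUT ACCEPT
# Constructed sample standing in for resolver output (duplicate included):
printf '192.0.2.10\n192.0.2.11\n192.0.2.10\n' | rules_from_addrs INPUT ACCEPT
```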