[prev in list] [next in list] [prev in thread] [next in thread] 

List:       ipfilter
Subject:    Re: Filter question
From:       grant beattie <grant () grunta ! com>
Date:       2002-12-06 5:12:48
[Download RAW message or body]

On Fri, Dec 06, 2002 at 12:02:56AM -0500, Small, Jim wrote:

> Is it possible to filter on domain names instead of/in addition to IPs?
> block out log quick on <IF> proto tcp from any to pornography.com
> 
> I would like to mention that I *know* it would be slow.  But let's say I'm
> stubborn and want to do it anyway!  How would I setup such a configuration?

Yes, the example you used will work. Note that the IP address lookup
is done at rule load time, not runtime.

Also, if you don't have a way of resolving those hostnames when you
load the rules, they will not be inserted.

g.

[prev in list] [next in list] [prev in thread] [next in thread]