> Hi,
>
> Is it possible with iptables to filter on a DNS name, not an IP address?
>
> What I have is x hosts / domain names and 1 IP address.
>
> Let's take an example.
>
> Host                 IP address
> Host.example1.com    192.168.1.2
> Host.example2.com    192.168.1.2
>
> And what I want to do is a packet that is for DNS name Host.example1.com is to
> go to rule 1 and Host.example2.com is to go to rule 2.
>
> I hope it's clear because my English is not that good.
>
> Greets,
>
> Master_PE
>

Generally, no, because IPTables is a packet filtering firewall. To block actual host names you need a proxy firewall like Squid. Squid is actually really good for a business, because if you set up Squid right as a transparent proxy you can stop people from visiting sites that they shouldn't during work hours, e.g. porn.

HTH Ben
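Why the two names from the question look identical to a packet filter but not to a proxy, as an added example that is not part of the original thread. It assumes plain HTTP/1.x traffic; the client address, source port and the "rule 1"/"rule 2" labels are constructed for illustration.

```python
# Constructed sample data: both names resolve to the single address in the question.
DNS = {"host.example1.com": "192.168.1.2", "host.example2.com": "192.168.1.2"}
RULES = {"host.example1.com": "rule 1", "host.example2.com": "rule 2"}


def http_request(host):
    """Build a minimal HTTP/1.1 request as a client would send it."""
    return f"GET / HTTP/1.1\r\nHost: {host}\r\nConnection: close\r\n\r\n".encode("ascii")


def packet_filter_view(host, src_ip="10.0.0.5", src_port=40000):
    """Everything a layer 3/4 filter can match on: protocol, addresses, ports.
    The name is resolved before the packet exists and is not carried in it."""
    return ("tcp", src_ip, src_port, DNS[host.lower()], 80)


def host_from_request(raw):
    """Return the normalized Host header of an HTTP/1.x request, or None."""
    head = raw.split(b"\r\n\r\n", 1)[0].decode("latin-1")
    for line in head.split("\r\n")[1:]:          # skip the request line
        name, sep, value = line.partition(":")
        if sep and name.strip().lower() == "host":
            host = value.strip().lower()
            if ":" in host and not host.startswith("["):
                host = host.rsplit(":", 1)[0]    # drop an explicit port
            return host.rstrip(".") or None
    return None


def proxy_decision(raw):
    """Layer 7 view: choose a rule from the Host header, deny if unknown."""
    return RULES.get(host_from_request(raw), "default deny")


if __name__ == "__main__":
    for name in ("Host.example1.com", "Host.example2.com"):
        print(name, packet_filter_view(name), proxy_decision(http_request(name)))
```
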

