On Mon, 2 Jun 2014, "Wenjian Bill Yang" <[email protected]> wrote:
> I just used Yahoo.com as an example. In fact, you cannot use any domain
> names in iptables rules. I have come across a website that stated that "the
> iptables service starts before any DNS-related services when a Linux system
> is booted. This means that firewall rules can only reference numeric IP
> addresses (for example, 192.168.0.1). Domain names (for example,
> host.example.com) in such rules produce errors."
> However, many tutorials on websites nowadays have examples of using domain
> names in iptables rules.

It looks like you are using the RHEL/CentOS init scripts. You can change the
order of them; look at the start of the init.d script for comments which
determine the order. Or you could just reload from /etc/rc.local.

On Mon, 2 Jun 2014, Tony Crisp <[email protected]> wrote:
> Then there was the issue of the remote end dropping off and coming back
> with a new dynamically allocated IP and not being able to re-establish
> the tunnel. So I had some script keep checking for any disconnects, and
> if the IP changed, reloaded the relevant iptables rules again (based on
> the latest dyndns lookup).

OpenVPN supports running scripts on various events. You could make it launch
a script when it gets a connection.

-- 
My Main Blog http://etbe.coker.com.au/
My Documents Blog http://doc.coker.com.au/
_______________________________________________
luv-main mailing list
[email protected]
http://lists.luv.asn.au/listinfo/luv-main
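
The re-resolve-and-reload approach discussed in this thread, as an added example that is not part of any poster's message: the script looks up the peer's dynamic DNS name, validates the answer, and rebuilds one dedicated chain only when the address has changed. `PEER_HOST`, `CHAIN`, `STATE_FILE`, the placeholder hostname and the UDP port 1194 rule are assumptions; the chain is assumed to exist already and to be jumped to from INPUT.

```shell
#!/bin/sh
# Added example, not from the thread. All names below are hypothetical.
PEER_HOST="${PEER_HOST:-peer.example.com}"      # placeholder dyndns name
CHAIN="${CHAIN:-VPN_PEER}"                      # dedicated chain, created beforehand
STATE_FILE="${STATE_FILE:-/var/run/vpn_peer.ip}"
IPT="${IPT:-iptables}"                          # IPT=echo gives a dry run

# Return the first IPv4 address for a name (glibc getent).
resolve_peer() { getent ahostsv4 "$1" | awk 'NR==1 {print $1}'; }

# Accept only a dotted quad with octets <= 255: a DNS answer is untrusted
# input and must never reach the iptables command line unchecked.
is_ipv4() {
    echo "$1" | grep -Eq '^([0-9]{1,3}\.){3}[0-9]{1,3}$' || return 1
    old_ifs=$IFS; IFS=.
    set -- $1
    IFS=$old_ifs
    for octet in "$@"; do
        [ "$octet" -le 255 ] || return 1
    done
}

# Rebuild the chain only when the resolved address differs from the one
# applied last time. A failed or malformed lookup leaves the rules alone.
sync_peer_rule() {
    new_ip=$(resolve_peer "$PEER_HOST") || return 1
    is_ipv4 "$new_ip" || { echo "bad lookup result for $PEER_HOST" >&2; return 1; }
    old_ip=$(cat "$STATE_FILE" 2>/dev/null || true)
    [ "$new_ip" = "$old_ip" ] && return 0
    # Flush first: between the two commands the peer is blocked, not open.
    $IPT -F "$CHAIN" &&
    $IPT -A "$CHAIN" -s "$new_ip" -p udp --dport 1194 -j ACCEPT &&
    echo "$new_ip" > "$STATE_FILE"
}

# Run as "script run" from cron, /etc/rc.local or an OpenVPN event script.
case "${1:-}" in
    run) sync_peer_rule ;;
esac
```

Keeping the dynamic address in its own chain means the main ruleset can load at boot with numeric addresses only, before any DNS service is up.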
