this is from my personal mail...
--
Live long and prosper
- Harald Welte / [EMAIL PROTECTED] http://www.gnumonks.org/
============================================================================
GCS/E/IT d- s-: a-- C+++ UL++++$ P+++ L++++$ E--- W- N++ o? K- w--- O- M+
V-- PS++ PE-- Y++ PGP++ t+ 5-- !X !R tv-- b+++ !DI !D G+ e* h--- r++ y+(*)
--- Begin Message ---
Harald -
I wasn't sure where to eMail this question to but following the
documentation on http://netfilter.samba.org it seems that you have
picked up most of the administration of IPTables/Netfilter so this
seemed like a good place to start.
I have been using IPTables for some time now, quiet happily I might add.
Recently I've been asked to set up a Linux server and filter access of
IP traffic via partial domain names. My first reaction was to see if the
IP addresses could be grouped together, because I know you can filter on
partial IP addresses. Unfortunately the only thing these domains have in
common is part of their domain name.
Is it possible to filter on partial domain names? Is anyone working on
such an extension to IPTables? I realize that there would be a serious
penalty having to lookup IP addresses, but in this case the sponsor of
the work is willing to trade off speed for security. The sponsor also
happens to have a very complete DNS server in close proximity to this
machine.
Any help would be appreciated - AYAL
--- End Message ---
