Hi,
I like the idea, but:
1) I would put it into the 'script' part of shorewall (for example the
"init" file)
2) Add error checks: dig may fail sometime...
...and I would use ipsets.
ipsets can be updated from an independent cronjob for example. Almost
instant, without the need to touch the configuration.
--
Regards,
Igor
------------------------------------------------------------------------------
Get 100% visibility into Java/.NET code with AppDynamics Lite!
It's a free troubleshooting tool designed for production.
Get down to code-level detail for bottlenecks, with <2% overhead.
Download for free and get started troubleshooting in minutes.
http://pubads.g.doubleclick.net/gampad/clk?id=48897031&iu=/4140/ostg.clktrk
_______________________________________________
Shorewall-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/shorewall-users
