Everytime a packet comes in that might match the rule, you would have to do a DNS lookup. Not a good idea, as this would REALLY screw up the latency on your firewall.
sai On 4/22/07, Rob Terhaar <[EMAIL PROTECTED]> wrote:
don't think this is possible, or a good idea ether. On 4/21/07, Volker Kuhlmann <[EMAIL PROTECTED]> wrote: > What options are there for creating rules with a hostname which resolves > to a dynamic IP address? I'd like to allow one host access inbound > access on a tcp port, but that host doesn't have a static IP. Unless > there's a magic mechanism I don't know about, at least part of the rules > would have to be reloaded when the host's IP address changes. Doing that > wouldn't be a problem, nor would it be a problem if there was a 2h > blackout period when the IP changed but the rules weren't reloaded yet. > > How could this be achieved with pfsense? I'm not averse to a bit of > shell scripting if necessary. > > Thanks, > > Volker > > -- > Volker Kuhlmann > http://volker.dnsalias.net/ Please do not CC list postings to me. > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > > --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
--------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
