Results 1 to 3 of 3

Thread: IPTables couldn't filter dns

  1. #1
    Junior Member
    Join Date
    Apr 2010
    Posts
    14
    Thanks
    2
    Thanked 0 Times in 0 Posts
    Rep Power
    0

    Default IPTables couldn't filter dns

    I want to using iptables in order to filter DNS instead of IP
    I don't have any thing documents mention this
    please help me, thanks

  2. #2
    Senior Member
    Join Date
    Jun 2007
    Location
    Hyderabad, AP, India
    Posts
    806
    Thanks
    44
    Thanked 55 Times in 48 Posts
    Rep Power
    13

    Default

    What do you mean my Filter DNS?
    Do you want to allow/deny DNS queries or do you mean FQDN's?
    If it is DNS queries please make sure that DNS uses both TCP as well as UDP protocol to work..
    Thanks,
    Surendra Kumar Anne
    Linux: Fast, friendly, flexible and .... free!
    Support Open source.
    http://www.linuxnix.com

  3. #3
    Member
    Join Date
    May 2010
    Posts
    53
    Thanks
    0
    Thanked 6 Times in 6 Posts
    Rep Power
    5

    Default

    I know what you mean. You want to use domain names instead of IP addresses. The main trouble with using hostnames with iptables is that the IP is resolved at the time the rule is added. Also kernel cant wait for DNS to resolve IP address, that would be so slow.

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Similar Threads

  1. real time blocking with IP Filter/pf
    By Hsinan in forum Networking, Firewalls and Security
    Replies: 0
    Last Post: 23rd April 2010, 05:27 AM
  2. dansguardian web filter time control
    By sandeepvson in forum Proxy Servers
    Replies: 0
    Last Post: 7th April 2010, 06:07 PM
  3. Using header and body checks as profanity filter
    By primal23 in forum Mail Servers
    Replies: 3
    Last Post: 15th September 2009, 12:39 PM
  4. dkim-filter
    By ms.shams in forum Ubuntu / Debian
    Replies: 0
    Last Post: 22nd September 2008, 01:00 AM
  5. Filter MAC addresses with squid on SuSE 10
    By AQG in forum Linux software
    Replies: 8
    Last Post: 18th August 2006, 05:49 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •