[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: shorewall dynip problem

> Helo all !
> ACCEPT:info     net:thelaptop.dynip.com    loc:    tcp  
> http,https  -  all

As said in shorewall documentation 

- WARNING: I personally recommend strongly against using DNS names in Shorewall 
configuration files

- When a DNS name appears in a rule, the iptables utility resolves the name to 
one or more IP addresses and inserts those addresses into the rule. So changes 
in the DNS->IP address relationship that occur after the firewall has started 
have absolutely no effect on the firewall's ruleset.

You have to find another way to restrict access to your internal Web server :( 
Authentication, SSL ?



Philippe Gaudron

Reply to: