Re: Redirect to domain name instead of ip

To: Kenny <kenny@romhat.net>, "debian-firewall@lists.debian.org" <debian-firewall@lists.debian.org>
Subject: Re: Redirect to domain name instead of ip
From: Lars Staun Knudsen <debs@utysket.dk>
Date: Sat, 23 Sep 2006 15:20:36 +0200
Message-id: <[🔎] 451534A4.2010902@utysket.dk>
In-reply-to: <1159000700.31990.190.camel@pistachio.domicile.lan>
References: <[🔎] 4514E01F.5020706@utysket.dk> <1159000700.31990.190.camel@pistachio.domicile.lan>

Kenny skrev:
> iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 2211 -j DNAT --to 172.16.0.30:2211
> iptables -A FORWARD -i eth0 -p tcp --dport 2211 -d 172.16.0.30 -j ACCEPT

Thank you for the reply, the lines works fine. But I've still got a
dynamic problem, the ip can change with dhcp and therefore it would
be perfect if i could use a domain name. DDns (bind9) is working
along with  dhcp3-server.
The PREROUTING line is complaining if I write pc.dom.dk instead of
172.16.0.30, is there a way to bypass this problem?

And another problem i just though of, if the iptables-script is
executed at a time where pc.dom.dk hasn't got a dhcp-release yet,
there will be no answer in the dns-lookup. So any experience on what
behavior iptables have when there is not ip resolved from the domain
name. Is the rule just set or will the rule return an error.

Best Regards

/Lars

Reply to:

Follow-Ups:
- Re: Redirect to domain name instead of ip
  - From: Kenny <secure@romhat.net>
- Re: Redirect to domain name instead of ip
  - From: SLeiBt <sleibt@free.fr>

References:
- Redirect to domain name instead of ip
  - From: Lars Staun Knudsen <debs@utysket.dk>

Prev by Date: Redirect to domain name instead of ip
Next by Date: Re: Redirect to domain name instead of ip
Previous by thread: Redirect to domain name instead of ip
Next by thread: Re: Redirect to domain name instead of ip
Index(es):
- Date
- Thread