Date: Thu, 21 Aug 2003 22:50:40 +0200 From: Marcin Gryszkalis <mg@fork.pl> To: freebsd-ipfw@freebsd.org Subject: hostnames resolving problem Message-ID: <3F4530A0.8020704@fork.pl>
next in thread | raw e-mail | index | archive | help
Hi I encountered small problem when using DNS names in ipfw rules (I'm using ipfw2 on 4-STABLE). The ipfw resolves name to *first* ip assigned to the name - but I expect to have *all* ip addresses in the rule. eg. # ipfw add 10000 allow tcp from any to smtp.o2.pl smtp setup 10000 allow tcp from any to 212.126.20.58 dst-port 25 setup # host smtp.o2.pl smtp.o2.pl has address 212.126.20.60 smtp.o2.pl has address 212.126.20.61 smtp.o2.pl has address 212.126.20.58 Quick search thru ipfw2.c shows that static int lookup_host (char *host, struct in_addr *ipaddr) is the responsible function, but it's also used in 'forward' rules where resolving name into many ips wouldn't make sense (I guess). I don't know the ipfw internals and evolution and development rules so I could provide robust patch now - but I could try if somebody lead me (or at least I can help testing). regards -- Marcin Gryszkalis http://fork.pl <><
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?3F4530A0.8020704>