hostnames resolving problem
Marcin Gryszkalis
mg at fork.pl
Thu Aug 21 14:18:05 PDT 2003
Hi,

I encountered a small problem when using DNS names in ipfw rules
(I'm using ipfw2 on 4-STABLE). ipfw resolves the name to the
*first* IP assigned to the name - but I expect to have *all*
IP addresses in the rule, e.g.

    # ipfw add 10000 allow tcp from any to smtp.o2.pl smtp setup
    10000 allow tcp from any to 212.126.20.58 dst-port 25 setup
    # host smtp.o2.pl
    smtp.o2.pl has address 212.126.20.60
    smtp.o2.pl has address 212.126.20.61
    smtp.o2.pl has address 212.126.20.58

A quick search through ipfw2.c shows that

    static int lookup_host (char *host, struct in_addr *ipaddr)

is the responsible function, but it's also used in
'forward' rules where resolving a name into many IPs wouldn't
make sense (I guess).

I don't know the ipfw internals and evolution and development
rules so I could provide a robust patch now - but I could try
if somebody leads me (or at least I can help testing).

regards
--
Marcin Gryszkalis
http://fork.pl
<><
More information about the freebsd-ipfw
mailing list
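
Added example, not part of the original post and not ipfw code: a POSIX sh sketch that expands `host` output into one rule per address and reports which addresses a single resolved rule leaves uncovered. The function names are hypothetical, the sample input is the `host smtp.o2.pl` output quoted in the message, and the generated commands are printed for review rather than executed.

```shell
#!/bin/sh
# Added example (not from the original post). Function names are hypothetical.
# Sample input: the `host smtp.o2.pl` output quoted in the message above.
SAMPLE_HOST_OUTPUT='smtp.o2.pl has address 212.126.20.60
smtp.o2.pl has address 212.126.20.61
smtp.o2.pl has address 212.126.20.58'

# Read `host` output on stdin and print each IPv4 address once.
# Only strict dotted-quad tokens pass, so nothing else from a DNS
# answer can end up inside a firewall command line.
addrs_from_host() {
    awk '$2 == "has" && $3 == "address" &&
         $4 ~ /^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+$/ { print $4 }' | sort -u
}

# Read `host` output on stdin and print one ipfw command per address.
# Args: rule number, destination port. ipfw accepts several rules
# with the same number, so the whole set stays under one number.
expand_rule() {
    num=$1
    port=$2
    addrs_from_host | while read -r ip; do
        echo "ipfw add $num allow tcp from any to $ip $port setup"
    done
}

# Read `host` output on stdin and print the addresses that a rule
# holding only the single address $1 does not cover.
uncovered() {
    addrs_from_host | grep -v -x -F -- "$1" || :
}

# Demo on the sample data; against live DNS this would be:
#   host smtp.o2.pl | expand_rule 10000 25
printf '%s\n' "$SAMPLE_HOST_OUTPUT" | expand_rule 10000 25
echo "not covered by the rule ipfw installed for 212.126.20.58:"
printf '%s\n' "$SAMPLE_HOST_OUTPUT" | uncovered 212.126.20.58
```

The addresses are fixed at the moment the rules are generated, so the set has to be regenerated when the DNS records change.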