Quote:
Originally Posted by
DARKMAN_HR
Whish there is module for iptables to always check domain name when hit is made... not just at time you add rule to kernel...
perhaps there is something like that? Would be even better.
That wouldn't be a good idea I think. If it had to do a domain name lookup every time it checked a certain rule, that would be a lot of DNS traffic!
Also, DNS can break down, glitch, or simply be slow. You don't want to make the kernel wait for itself -- ever. It might never stop.