|
|
| [Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] |
On Mon, 3 Dec 2001, Conrad Williams wrote:
> Can iptables be made generic with filters like www.*sex*.com* ??? And could
> this catch most before they even arrive?
> Conrad
If mail.spammer.com resolves to an IP (and if you have
a good DNS) then you can use it in the place of an
IP on the iptables rule.
Examples =>
postmastergeneral.com
offerpromo.com
broadwing.net
I do not know how to use a wild card (like in your example) on an iptables
rule, (it seems to me) you can only deal with hosts or networks. You
can deny entire IP ranges using network masks with an iptables rule.
Example =>
199.95.207.0/24
10.207.95.199.in-addr.arpa. domain name pointer
network-199-95-207-10.dclk.net
::dc::
David Correa RHCE CCNA _ _ _ _ _ _ _ _ ___ ____ ____ _ _
tech@linux-tech.com | | |\ | | | \/ | |___ | |__|
http://www.linux-tech.com |___ | | \| |__| _/\_ | |___ |___ | |
------------------------------------------------------------------------
To unsubscribe email security-discuss-request@linuxsecurity.com
with "unsubscribe" in the subject of the message.
[Home] [Fedora Announce] [Linux Crypto] [Kernel] [Netfilter] [Video for Linux] [Bugtraq] [USB] [Network Security] [Fedora Security]
|
|