--On Monday, October 05, 2015 10:46 AM -0400 "James B. Byrne" <byrn...@harte-lyne.ca> wrote:

So, is there any convenient way to construct an IPTables rule to block
all IPs associated with a given Domain Name server?

Doing DNS queries within the kernel netfilter path would be bad.

You could run a cron job to update an iptables chain periodically with the results of a dig query. Some Perl could be used to do the query and generate the iptables commands.


_______________________________________________
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos
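
The cron-driven approach suggested in the reply above, sketched as an added example that is not part of the original message (plain shell rather than the Perl the reply mentions). The chain name DNSBLOCK, the host name, and the script path in the cron line are assumptions. The chain is expected to exist already and to be jumped to from INPUT.

```shell
#!/bin/sh
# Added example: refresh one dedicated iptables chain from a name's current
# A records, outside the packet path. Run from cron, for instance
# (hypothetical path and host):
#   */15 * * * * root /usr/local/sbin/dnsblock.sh blocked.example.net DNSBLOCK

# Keep only valid dotted-quad IPv4 addresses from stdin. dig +short can also
# print CNAME targets or nothing at all; those lines are dropped.
filter_ipv4() {
    awk -F. 'NF == 4 {
        for (i = 1; i <= 4; i++)
            if ($i !~ /^[0-9]+$/ || length($i) > 3 || $i > 255) next
        print
    }' | LC_ALL=C sort -u
}

# Turn a list of addresses on stdin into iptables-restore input for chain $1.
# Loaded with --noflush, declaring an existing user-defined chain empties it
# and the new rules are committed in one step, so other chains are untouched
# and the chain is never left half-built.
build_ruleset() {
    printf '*filter\n:%s - [0:0]\n' "$1"
    while read -r ip; do
        printf -- '-A %s -s %s -j DROP\n' "$1" "$ip"
    done
    printf 'COMMIT\n'
}

# Resolve host $1 and replace the contents of chain $2.
refresh_chain() {
    ips=$(dig +short A "$1" | filter_ipv4)
    # A failed or empty lookup must not silently empty the block list.
    if [ -z "$ips" ]; then
        echo "no A records for $1; leaving chain $2 unchanged" >&2
        return 1
    fi
    printf '%s\n' "$ips" | build_ruleset "$2" | iptables-restore --noflush
}

# Only act when called as: script HOST CHAIN
if [ "$#" -eq 2 ]; then
    refresh_chain "$1" "$2"
fi
```

The rules only reflect the answers seen at the last run, so names with short TTLs or rotating address pools can drift between refreshes.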
