On Sat, May 20, 2006 at 09:40:15AM +1200, Volker Kuhlmann wrote: > This isn't good enough, .... you are relying on the assumption that > that when the host command runs, the rest of the iptables rules > are already set up, especially the DNS related ones.
I understand your point about the difficulties of adding rules for a DNS address when using bulk commit but I was writing about a changing smtp-relay addresses. > You will have to keep the IP numbers you wish to look up for your > iptables script in a file, which is updated independently of your > iptables service, at a time when the iptables service is guaranteed to > be already up. This may cost you 2 iterations - start iptables, look up > your variable IP numbers, restart iptables. thanks for the advice. --- keith.
