On Fri, Mar 22, 2002 at 01:40:49PM +0100, LuisMi wrote: > HI, I want to reject a traffic from a domain, and I wanted to know how is > possible to do that, will be correct if I write... > > iptables -A blacklisted -i eth0 -s .aureate.com -j DROP ????
Sorry, that's not really possible. You can operate on a netblock basis (192.168.0.0/16, say, for everything from 192.168.0.0 to 192.168.255.255), but the kernel doesn't deal with DNS names at all, only IP addresses. If you know that everything you want to allow to access that system will be within a particular IP block, then using mask notation (as above) would be your best bet. -- Derrik Pates | Sysadmin, Douglas School | #linuxOS on EFnet [EMAIL PROTECTED] | District (dsdk12.net) | #linuxOS on OPN
