[Firehol-support] Recommended method to re-resolve domain names
Phil Whineray
phil at firehol.org
Thu Aug 2 06:56:02 BST 2018
On Wed, Aug 01, 2018 at 05:05:07PM -0500, Mitch Claborn wrote:
> That will work for the periodic update, but can I use that same technique
> for when firehol starts at boot time, without keeping two separate config
> files - one in the script and one for firehol? I would need some way to
> invoke that script before firehol starts the first time.
Yes, the firehol config is just a bash script, so you can call external
commands.
A note of caution though: ideally your firewall will come up before your
network interfaces, so that you are protected from the outset. This
means you cannot reliably resolve DNS entries.
Do you need it to re-resolve at boot time? i.e. is loading the last set
before reboot not sufficient, or will the host be down for extended periods?
Cheers
Phil
More information about the Firehol-support
mailing list