[Firehol-support] Recommended method to re-resolve domain names

Phil Whineray phil at firehol.org
Thu Jul 26 06:07:28 BST 2018


Hi Mitch

On Wed, Jul 25, 2018 at 04:55:06PM -0500, Mitch Claborn wrote:
> Apologies if this has been asked and answered before. The mailing list
> archives search function isn't working so I can't look for an answer there.

Yes, sorry, it relies on gmane which seems to still be broken. There
haven't been any updates on their blog since late 2016.

> I'm using firehol 3.1.5 on Ubuntu 18.04. My configuration includes several
> domain names, some of which are dynamic DNS entries, so the underlying IP
> address may change from time to time. What is the recommended method for
> periodically re-resolving those domain names using firehol without
> disrupting current network activity?

In the modern age, ipsets are the way to go [1]. Just update them from
crontab.

> In the past I've just added a "firehol start" to crontab. That works OK for
> resolving the names, but with Ubuntu 18.04 I suspect that method is
> disrupting existing traffic, especially long running rsync commands.

I would expect this to be OK using the default settings, although I'm
not sure if the new fast activation mode would re-resolve your IPs.

Hope that helps
Phil

1: https://firehol.org/guides/ipset/
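
One way to do the crontab update suggested in the reply above, as an added example that is not part of the original message or FireHOL's own code. It assumes `ipset` and `getent` are installed and that the firewall rules already reference the set; the set name `dyn-hosts`, the script path and the host names are hypothetical.

```shell
#!/bin/sh
# Refresh an ipset from DNS without reloading the firewall.
# crontab entry (constructed):
#   */10 * * * * /usr/local/sbin/refresh-ipset.sh dyn-hosts home.example.org

# Keep only dotted-quad shaped lines from stdin, de-duplicated.
valid_ipv4() {
    grep -E '^([0-9]{1,3}\.){3}[0-9]{1,3}$' | sort -u
}

# Resolve one name to IPv4 addresses (getent prints "ADDR TYPE [NAME]").
resolve_ipv4() {
    getent ahostsv4 "$1" | awk '{print $1}' | valid_ipv4
}

# Read addresses on stdin and print "ipset restore" input that fills a
# temporary set and swaps it in, so the live set is never empty or
# half-populated. Returns 1 when no usable address was supplied.
build_restore() {
    set_name=$1
    tmp="${set_name}-tmp"
    addrs=$(valid_ipv4)
    [ -n "$addrs" ] || return 1
    echo "create $set_name hash:ip family inet"
    echo "create $tmp hash:ip family inet"
    echo "flush $tmp"
    for a in $addrs; do echo "add $tmp $a"; done
    echo "swap $tmp $set_name"
    echo "destroy $tmp"
}

# Resolve every host, then apply. A failed lookup of all names leaves the
# existing set untouched instead of locking the hosts out.
refresh_set() {
    set_name=$1; shift
    rules=$(for h in "$@"; do resolve_ipv4 "$h"; done | build_restore "$set_name") || {
        echo "no addresses resolved; leaving $set_name unchanged" >&2
        return 1
    }
    # -exist makes "create" a no-op when the set is already present.
    printf '%s\n' "$rules" | ipset -exist restore
}

# Run only when called as: script SETNAME HOST [HOST...]
[ "$#" -lt 2 ] || refresh_set "$@"
```

Because `swap` exchanges the two sets in a single operation, established connections and rules that match on the set see either the old or the new contents, never an empty set.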

