[Firehol-support] Recommended method to re-resolve domain names
Mitch Claborn
mitch_ml at claborn.net
Fri Jul 27 00:07:23 BST 2018
Do you recommend updating the ipsets using firehol commands or native
commands?
Mitch
On 07/26/2018 12:07 AM, Phil Whineray wrote:
> Hi Mitch
>
> On Wed, Jul 25, 2018 at 04:55:06PM -0500, Mitch Claborn wrote:
>> Apologies if this has been asked and answered before. The mailing list
>> archives search function isn't working so I can't look for an answer there.
>
> Yes, sorry, it relies on gmane which seems to still be broken. There
> haven't been any updates on their blog since late 2016.
>
>> I'm using firehol 3.1.5 on Ubuntu 18.04. My configuration includes several
>> domain names, some of which are dynamic DNS entries, so the underlying IP
>> address may change from time to time. What is the recommended method for
>> periodically re-resolving those domain names using firehol without
>> disrupting current network activity?
>
> In the modern age, ipsets are the way to go [1]. Just update them from
> crontab.
>
>> In the past I've just added a "firehol start" to crontab. That works OK for
>> resolving the names, but with Ubuntu 18.04 I suspect that method is
>> disrupting existing traffic, especially long running rsync commands.
>
> I would expect this to OK using the default settings, although I'm
> not sure if the new fast activation mode would re-resolve your IPs.
>
> Hope that helps
> Phil
>
> 1: https://firehol.org/guides/ipset/
> _______________________________________________
> Firehol-support mailing list
> Firehol-support at lists.firehol.org
> http://lists.firehol.org/mailman/listinfo/firehol-support
>
More information about the Firehol-support
mailing list