[Firehol-support] Recommended method to re-resolve domain names
Mitch Claborn
mitch_ml at claborn.net
Tue Jul 31 23:14:54 BST 2018
I haven't found a built-in clean way to use IPSets for dynamic DNS
entries. The ipset helper command in firehol works well for the initial
setup, but I don't see a way to just run firehol to update the ipsets
without also rebuilding the firewall.
I tried "ipset addfile" but it appears to ignore host names and only
adds IP addresses. If it would handle host names then I could use "ipset
addfile" from firehol.conf and "firehol ipset_update_from_file" from a
script run from cron.
Another (untested) idea would be to put all of the firehol ipset helper
commands in a single file, included with "source" in firehol.conf. I
could then, in theory, run just that file from a cron script to update
the ipset collections. Not sure if that will work or not, I'll try it
tomorrow.
I'm open to suggestions/thoughts on how to make this work.
Mitch
> On 07/26/2018 12:07 AM, Phil Whineray wrote:
>> In the modern age, ipsets are the way to go [1]. Just update them from
>> crontab.
More information about the Firehol-support
mailing list