Iptables rules to access a specific domain
on 26.10.2006 03:20:06 by Alain Chagnon
Hi,
I use iptables to block certain workstations on a network from
accessing the Internet. I want these workstations to access a
specific domain like www.xyz.com whose web site is composed of
multiple web servers from many different IP addresses. Is there a way
to do this?
Example: www.xyz.com = 67.99.11.11 which has pictures from www.abc.com
at 66.77.88.99 which may change anytime
Thanks
Alain Chagnon
Re: Iptables rules to access a specific domain
on 26.10.2006 15:16:42 by Helge Olav Helgesen
Hello Alain,
> I use iptables to block certain workstations on a network from
> accessing the Internet. I want these workstations to access a specific
> domain like www.xyz.com whose web site is composed of multiple web
> servers from many different IP addresses. Is there a way to do this?
You have to get all IP addresses and put them in iptables. iptables resolves
host names at "compile" time.
Dig is your friend to find out what IP addresses to add:
dig www.microsoft.com
www.microsoft.com. 3600 IN CNAME toggle.www.ms.akadns.net.
toggle.www.ms.akadns.net. 300 IN CNAME g.www.ms.akadns.net.
g.www.ms.akadns.net. 300 IN CNAME lb1.www.ms.akadns.net.
lb1.www.ms.akadns.net. 300 IN A 207.46.225.60
lb1.www.ms.akadns.net. 300 IN A 207.46.18.30
lb1.www.ms.akadns.net. 300 IN A 207.46.19.30
lb1.www.ms.akadns.net. 300 IN A 207.46.19.60
lb1.www.ms.akadns.net. 300 IN A 207.46.20.30
lb1.www.ms.akadns.net. 300 IN A 207.46.198.30
lb1.www.ms.akadns.net. 300 IN A 207.46.198.60
lb1.www.ms.akadns.net. 300 IN A 207.46.199.30
---
Helge Olav Helgesen
http://www.helge.net
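
Added example, not part of the original thread: a dry-run script that turns dig answer lines like those above into one iptables rule per address, validating each address before it reaches a command line. The chain name WS_ALLOW, port 80 and the sample records (documentation addresses) are assumptions constructed for illustration.

```shell
#!/bin/sh
# Added example: build per-address iptables rules from dig answer lines.
# The chain name WS_ALLOW and port 80 are assumptions for illustration.

# Constructed sample in `dig +noall +answer` format (documentation addresses).
SAMPLE='www.example.com. 3600 IN CNAME lb.example.net.
lb.example.net. 300 IN A 192.0.2.10
lb.example.net. 300 IN A 192.0.2.11
lb.example.net. 300 IN A 198.51.100.7
lb.example.net. 300 IN A 192.0.2.10
lb.example.net. 300 IN A 300.1.2.3'

# Print the unique IPv4 addresses found in A records on stdin.
# CNAME lines are skipped, and anything that is not a dotted quad with
# octets 0-255 is dropped so it never reaches a firewall command line.
extract_a_records() {
    awk '$3 == "IN" && $4 == "A" && $5 ~ /^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+$/ {
        split($5, o, "."); ok = 1
        for (i = 1; i <= 4; i++) if (o[i] + 0 > 255) ok = 0
        if (ok) print $5
    }' | LC_ALL=C sort -u
}

# Smallest TTL among the A records: after this many seconds the answer
# may have changed and the rules may be stale.
min_ttl() {
    awk '$3 == "IN" && $4 == "A" {
        t = $2 + 0
        if (!seen || t < m) { m = t; seen = 1 }
    } END { print m + 0 }'
}

# Print (do not run) the commands that rebuild the chain from stdin.
emit_rules() {
    chain=$1
    echo "iptables -F $chain"
    while read -r ip; do
        [ -z "$ip" ] || echo "iptables -A $chain -d $ip -p tcp --dport 80 -j ACCEPT"
    done
}

printf '%s\n' "$SAMPLE" | extract_a_records | emit_rules WS_ALLOW
echo "# refresh within $(printf '%s\n' "$SAMPLE" | min_ttl) seconds"
```

Because the rules hold only the addresses seen at resolution time, the list has to be regenerated as the records change; the smallest TTL indicates how soon that can happen.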