On 09/11/2010 09:49, Mike Cardwell wrote:
>> Todd Lyons <tlyons@???> (Mo 08 Nov 2010 23:42:02 CET):
>>> iptables should be able to do this. We use iptables to redirect port
>>> 80 to some other port. It should be trivial to make the redirection
>>> to your exim port apply to some specific source addresses, then add a
>>> second default redirection to a different port for the rest.
>>
>> iptables can't reverse resolve ip addresses at runtime, as far as I
>> know.
>>
>> So if you'd like to setup some redirection based on *.badhosts.com,
>> it is not easy using plain iptables for this.
>
> You could use the QUEUE target, but you'd need to write a small
> application to do the reverse lookups. You can access libipq through
> Perl using http://search.cpan.org/~jmorris/perlipq-1.25/IPQueue.pm
Actually, I'm not sure you can do anything more complicated than
accept/drop with that.
--
Mike Cardwell - Perl/Java/Web/Linux/Email developer and sysadmin
PGP Key(0018461F) - 35BC AF1D 3AA2 1F84 3DC3 B0CF 70A5 F512 0018 461F
Read my tech Blog - https://secure.grepular.com/
Follow me on Twitter - https://twitter.com/mickeyc
Hire me - http://cardwellit.com/ - http://linkedin.com/in/mikecardwell