host rules and dns resolving?


Unique
07-11-2004, 11:53 AM
Hi,

Seems to me host.rules doesn't resolve DNS back to IPs?
POLICY DENY
CLASS USERS -1

ACCEPT I 1.2.3.4 USERS 10

works fine, if I bind this IP to a mine.nu host like test.mine.nu
and change the ACCEPT line to

ACCEPT H test.mine.nu USERS 10

it won't work.
Would be nice if this worked (for entry bnc boxes with dyn ips for instance or whatever other uses)
:banana:

Harm
07-11-2004, 12:07 PM
The problem is that dynamic DNS names will always resolve to the box IP even if it changes, but the box IP will never resolve to this hostname (unless it's your own dynamic DNS service).
In your case, your host test.mine.nu resolves to your box's IP, let's say 1.3.3.7, but if you try to reverse DNS the IP 1.3.3.7 you won't get the test.mine.nu hostname.

Unique
07-11-2004, 12:16 PM
Yea, I know that, I just thought io would try to resolve the DNS and try to match that with the IP connecting.

I guess it purely compares host names only.

Maybe this could be implemented (although I will probably solve my matter by using a static IP'ed bnc box), some other peeps might find some use in it :confused:
Thanks for the info, Harm

Mouton
07-11-2004, 05:23 PM
Originally posted by Unique
i just thought io would try to resolve the dns and try to match that with the ip connecting.

Nope. It doesn't, because it decreases performance.
This is discussed more in another thread somewhere.
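
Added example (not part of the original thread and not ioFTPD code): a small Python model of the two matching strategies discussed above, run against constructed DNS records in which test.mine.nu resolves to 1.3.3.7 but the PTR record for 1.3.3.7 is an ISP name. The parser covers only the line forms quoted in the first post; the function names, the isp.example PTR name and the treatment of any policy other than DENY are assumptions.

```python
# Constructed DNS data: the dynamic name points at the box, but the
# PTR record for that IP belongs to the ISP and names something else.
FORWARD = {"test.mine.nu": {"1.3.3.7"}}            # A records
REVERSE = {"1.3.3.7": "host-1-3-3-7.isp.example"}  # PTR records

# Rule lines as quoted in the first post.
RULES = """\
POLICY DENY
CLASS USERS -1
ACCEPT I 1.2.3.4 USERS 10
ACCEPT H test.mine.nu USERS 10
"""

def parse_rules(text):
    """Parse only the POLICY and ACCEPT I/H forms shown in the thread."""
    policy, accepts = "DENY", []
    for line in text.splitlines():
        parts = line.split()
        if len(parts) == 2 and parts[0] == "POLICY":
            policy = parts[1]
        elif len(parts) >= 3 and parts[0] == "ACCEPT" and parts[1] in ("I", "H"):
            accepts.append((parts[1], parts[2].lower()))
    return policy, accepts

def allowed(client_ip, text, forward_resolve_h_rules=False):
    """Return True if client_ip matches an ACCEPT rule.

    forward_resolve_h_rules=False: compare the client's PTR name with
    the H rule (name-to-name comparison, as described in the thread).
    forward_resolve_h_rules=True: resolve the H rule's name to its IPs
    and compare with the client IP (the behaviour Unique asked for).
    """
    policy, accepts = parse_rules(text)
    ptr_name = REVERSE.get(client_ip, "").lower()
    for kind, value in accepts:
        if kind == "I" and value == client_ip:
            return True
        if kind == "H":
            if forward_resolve_h_rules:
                if client_ip in FORWARD.get(value, set()):
                    return True
            elif ptr_name == value:
                return True
    # Assumption: any policy other than DENY lets unmatched clients in.
    return policy != "DENY"
```

Forward resolution means a lookup (or a cached, periodically refreshed answer) for every H rule, which is the cost behind the performance remark above. Name-only matching in turn trusts whoever controls the PTR record for the connecting IP.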