Adding a rule in iptables with destination ip that won't resolved to it domain

linux domain-name-system iptables

I'm adding this rule in iptables with the following IP address as destination:

iptables -A FOR_FILTER -d 66.235.138.59 -j ACCEPT

it added it successfully with the following result:

ACCEPT     all  --  anywhere             *.d1.sc.omtrdc.net

The rule I wanted to apply to 66.235.138.59 won't work because of this DNS resolve. I would like to add the IP address as is, so iptables won't add the resolved domain.

something like this(but it doesn't work):

iptables -A FOR_FILTER -d "66.235.138.59" -j ACCEPT
iptables -A FOR_FILTER -d '66.235.138.59' -j ACCEPT

Solution 1:

Iptables use IP addresses internally, if you don't want to see any DNS names when listing the rules, use iptables -L -n - it disables reverse DNS lookup.

Solution 2:

Two things to your question. One, as CodePainters noted, you need to use -n switch to see IP address in the listing of iptable rules.

Second thing is, iptables process rules in an order. If some previous rule forbade the connection, then adding another rule (-A adds at the end of the chain) will not help. You need to analyse the whole configuration, not just a single rule.

Related

Limiting 7zip CPU usage on Windows Server 2008 (from batch file)
LUNs and virtual machines
Git clone with user and password
Only allow GET request with htaccess?
Add last user logged in into AD Users and Computers description field
How do you configure a \\domain\sharedFolder in windows 2008?
VoIP PBX, custom build or appliance?
What's wrong with my SPF?
Best Amazon AWS region for Australian website?
cant get upstart script for node.js program to start on startup
How do I turn off etckeeper. It's preventing me from upgrading Ubuntu
How would I run two different web servers on the same server?