Adding a rule in iptables with a destination IP that won't be resolved to its domain
I'm adding this rule in iptables with the following IP address as destination:
iptables -A FOR_FILTER -d 66.235.138.59 -j ACCEPT
It added it successfully, with the following result:
ACCEPT all -- anywhere *.d1.sc.omtrdc.net
The rule I wanted to apply to 66.235.138.59 won't work because of this DNS resolution. I would like to add the IP address as is, so iptables won't add the resolved domain.
Something like this (but it doesn't work):
iptables -A FOR_FILTER -d "66.235.138.59" -j ACCEPT
iptables -A FOR_FILTER -d '66.235.138.59' -j ACCEPT
Solution 1:
iptables uses IP addresses internally. If you don't want to see any DNS names when listing the rules, use iptables -L -n; it disables reverse DNS lookup.
Solution 2:
Two things about your question. One, as CodePainters noted, you need to use the -n switch to see IP addresses in the listing of iptables rules.
Second, iptables processes rules in order. If some previous rule forbade the connection, then adding another rule (-A adds at the end of the chain) will not help. You need to analyse the whole configuration, not just a single rule.
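The rule-order point above, as an added example that is not part of the original answers: a small Python check that reads rules in `iptables -S FOR_FILTER` format and reports which rule decides traffic to a given destination first. The sample rules are constructed for illustration, and the script only evaluates `-d` matches with ACCEPT/DROP/REJECT targets; any other match on a rule is reported as conditional.

```python
import ipaddress
import shlex

TERMINATING = {"ACCEPT", "DROP", "REJECT"}

# Constructed sample in `iptables -S FOR_FILTER` format (not from the original post).
SAMPLE_RULES = """\
-N FOR_FILTER
-A FOR_FILTER -d 66.235.0.0/16 -p tcp -m tcp --dport 25 -j REJECT --reject-with icmp-port-unreachable
-A FOR_FILTER -d 10.0.0.0/8 -j ACCEPT
-A FOR_FILTER -d 66.235.128.0/17 -j DROP
-A FOR_FILTER -d 66.235.138.59/32 -j ACCEPT
"""

def rules_for_destination(rules_text, chain, dst):
    """Yield (position, certainty, target, rule) for rules that can decide packets to dst."""
    dst = ipaddress.ip_address(dst)
    position = 0
    for line in rules_text.splitlines():
        tok = shlex.split(line)
        if tok[:2] != ["-A", chain]:
            continue  # skip -N/-P lines and rules of other chains
        position += 1
        target = tok[tok.index("-j") + 1] if "-j" in tok else None
        if target not in TERMINATING:
            continue  # jumps to user chains, LOG, etc. are out of scope here
        rest = tok[2:tok.index("-j")]
        covers = True  # a rule without -d applies to every destination
        if "-d" in rest:
            i = rest.index("-d")
            net = ipaddress.ip_network(rest[i + 1], strict=False)
            negated = i > 0 and rest[i - 1] == "!"
            covers = (dst in net) != negated
            del rest[(i - 1 if negated else i):i + 2]
        if covers:
            # Any leftover match (-p, -s, --dport ...) makes the hit conditional.
            yield position, ("conditional" if rest else "always"), target, line

def deciding_rule(rules_text, chain, dst):
    """Return the first rule that always terminates traffic to dst, or None."""
    for hit in rules_for_destination(rules_text, chain, dst):
        if hit[1] == "always":
            return hit
    return None

if __name__ == "__main__":
    for hit in rules_for_destination(SAMPLE_RULES, "FOR_FILTER", "66.235.138.59"):
        print(hit)
```

In the constructed sample, the appended ACCEPT for 66.235.138.59 sits at position 4 and is never reached, because the DROP for 66.235.128.0/17 at position 3 already covers that address.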