First I would like to describe my home network: I have one dedicated machine that works as a NAT firewall / DNS / DHCP server. That machine is the only one with direct contact to the Internet and it's "always" on (a reboot every second month, or so). That machine is also the only one with a fix IP (XXX.XXX.XXX.254). Every other machine (a couple of different Linux boxes and one Win2k machine) connects with DHCP. One Linux box is a Samba server.
Now for the problem. I want the Samba server to allow connections from other machines based on their hostnames in the DNS. I've written a very restrictive set of iptables rules that is started before I bring up eth0. Those rules only allow contact with the DHCP server. Then I've written some rules that allow SMB connect with specific machines. Like these:
-I RH-Lokkit-0-50-INPUT -s crap.homenet -p udp --dport 137:138 -j ACCEPT
-I RH-Lokkit-0-50-INPUT -s crap.homenet -p tcp --dport 139 -j ACCEPT
These rules are added after eth0 is activated and then iptables seems to resolve the name for an ip. The problem is that if "crap" (in this case) isn't on when I start the Samba server, then it's never allowed to connect, since the lookup fails.
How is this solved? Is it possible to write iptables rules that resolves the hostname "on demand"?
Thanks in advance!