iptables caching domain?

positiveman87 · 08-18-2015, 06:07 AM

Hi guys

I am using a dynamic DNS service so my home dynamic IP can be linked to a domain.

I then have that domain in my IPTABLES firewall to allow all access.

The problem I am having is I think iptables is caching the domain. E.g if I login in the day and then again in the night.. iptables will still have the IP address from the day even though it has changed and updated via the dynamic DNS

The only way I have found to get around this is restart iptables. It works fine then.

Is there a way to force iptables not to cache a domain?

I don't believe it is linux dns caching as I used DIG which returns the correct IP address for the domain, whilst iptables still appears to see the old one.

smallpond · 08-18-2015, 06:32 AM

You want iptables to do a DNS lookup on every packet? Are you aware that DNS lookups go through iptables?

positiveman87 · 08-18-2015, 07:24 AM

Quote:

Originally Posted by smallpond

You want iptables to do a DNS lookup on every packet? Are you aware that DNS lookups go through iptables?

What would be the best way to achieve my goal?

I need a Dynamic DNS service to link my dynamic IP to a static domain but it is of no use if iptables can't retrieve the latest dns record for the said domain.

Perhaps if there was a way to specify MUST DO A DNS LOOKUP EVERYTIME FOR THIS PARTICULAR DOMAIN?

smallpond · 08-18-2015, 12:27 PM

Best way would be to have your dynamic dhcp client restart iptables when it gets a new IP.