Dynamically receive IPs

Jignesh · Jignesh

Hello,

I have developed Firewall on FreeBSD 4.7. When any packet is received
by Firewall, IP is search in relational database. If firewall finds ip
in database then URL is blocked otherwise URL is allowed to user.

Problem

I have entered URL "www.yahoo.com" and its all possible IPs. But some
time firewall is restricting URL and some time it is not. Then i found
that firewall is taking diffrent ip which i have not entered in
database.

1) How can i receive all possible IPs of URL (like
[url]www.google.com,www.yahoo.com)?[/url]
2) Since IPs on Net are frequently change. How can i manage all this
changes?

Thanking You.

Nick Gazaloff814607220 · Nick Gazaloff814607220

On 4 Jul 2003 23:45:43 -0700
[email]tosc8@yahoo.co.in[/email] (Jignesh) wrote:

> Hello,
>
> I have developed Firewall on FreeBSD 4.7. When any packet is received
> by Firewall, IP is search in relational database. If firewall finds ip
> in database then URL is blocked otherwise URL is allowed to user.
>
> Problem
>
> I have entered URL "www.yahoo.com" and its all possible IPs. But some
> time firewall is restricting URL and some time it is not. Then i found
> that firewall is taking diffrent ip which i have not entered in
> database.
>
> 1) How can i receive all possible IPs of URL (like
> [url]www.google.com,www.yahoo.com)?[/url]
> 2) Since IPs on Net are frequently change. How can i manage all this
> changes?
>
> Thanking You.

[nick@beta ~]$ dig [url]www.yahoo.com[/url]

; <<>> DiG 9.2.2 <<>> [url]www.yahoo.com[/url]
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 63418
;; flags: qr rd ra; QUERY: 1, ANSWER: 9, AUTHORITY: 8, ADDITIONAL: 0

;; QUESTION SECTION:
;[url]www.yahoo.com[/url]. IN A

;; ANSWER SECTION:
[url]www.yahoo.com[/url]. 1800 IN CNAME [url]www.yahoo.akadns.net[/url].
[url]www.yahoo.akadns.net[/url]. 300 IN A 216.109.125.65
[url]www.yahoo.akadns.net[/url]. 300 IN A 216.109.125.66
[url]www.yahoo.akadns.net[/url]. 300 IN A 216.109.125.68
[url]www.yahoo.akadns.net[/url]. 300 IN A 216.109.125.71
[url]www.yahoo.akadns.net[/url]. 300 IN A 216.109.125.75
[url]www.yahoo.akadns.net[/url]. 300 IN A 216.109.125.76
[url]www.yahoo.akadns.net[/url]. 300 IN A 216.109.125.77
[url]www.yahoo.akadns.net[/url]. 300 IN A 216.109.125.78

;; AUTHORITY SECTION:
akadns.net. 35206 IN NS zc.akadns.net.
akadns.net. 35206 IN NS zf.akadns.net.
akadns.net. 35206 IN NS use2.akam.net.
akadns.net. 35206 IN NS use4.akam.net.
akadns.net. 35206 IN NS usw5.akam.net.
akadns.net. 35206 IN NS asia3.akam.net.
akadns.net. 35206 IN NS ns1-93.akam.net.
akadns.net. 35206 IN NS ns1-159.akam.net.

;; Query time: 529 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Sat Jul 5 11:01:41 2003
;; MSG SIZE rcvd: 352

You can use a resolver library (e.g. your system's one) for it. But this is not a solution to call a resolver on every packet. If all you want to do is blocking URLs, then install an HTTP proxy server like Squid which can block them very effectively.

--

Best regards,
Nick
(GPG Key ID: 4396B2D0, fingerprint: 648E C3FE ACF6 A730 FF52 D717 776D 1CB0 4396 B2D0)

Dynamically receive IPs

Thread Tools

Display

Dynamically receive IPs

Similar Questions and Discussions

Can't download, just receive a red X

receive e-mails

how to receive e-mails

socket receive

Receive data from a swf

Re: Dynamically receive IPs

Posting Permissions