How to whitelist domain from firewall

[sawbuck]

You can only whitelist by IP.

[NotLim]

try csf.dyndns

[Spork Schivago]

I believe NotLim is correct and csf.dyndns is the correct file to list the domain(s) you want whitelisted.

According to the file:

Code: Select all

###############################################################################
# The following FQDN's will be allowed through the firewall. This is controlled
# by lfd which checks the DNS resolution of the FQDN and adds the ip address
# into the ALLOWDYNIN and ALLOWDYNOUT iptables chains. lfd will check for IP
# updates every DYNDNS seconds if set.
#
# If the FQDN has multiple A records then all of the IP addresses will be
# processed. If IPV6 is enabled and the perl module Socket6 from cpan.org is
# installed, then all IPv6 AAAA IP address records will also be allowed.
#
# Only list fully qualified domain names (FQDN's) in this file, either on their
# own to allow full access, or using Advanced Allow/Deny Filters (see
# readme.txt)
#

I believe this would be an example of the Advanced Allow / Deny Filters, which I found in the readme.txt

Code: Select all

# TCP connections inbound to port 22 from Dynamic DNS address
# www.configserver.com (for use in csf.dyndns only)
tcp|in|d=22|s=www.configserver.com

I believe this would allow TCP connections from www.configserver.com on port 22.

I think something like

Code: Select all

in|d=22|s=www.configserver.com

would allow all packet types from www.configserver.com in through port 22.

I hope this helps.