Egress filtering to update.host.com instead of xx.xx.xx.xx?
-
I'm running 1.2.3-RC3 and have the pfSense book and pfSense is running very nicely in general. The book is a big help and has answered all but one of my questions …
My current task is to move a mail server running on XP-Pro (AltN MDaemon) behind the OPT1 interface - this has gone well except that the mail server checks some external hosts for virus updates, Spam Assassin rule updates etc. I can allow these checks to specific IP addresses but I'd prefer to write a rule that allowed access to a URL.
However the alias and rules all seem to want IP addresses - not URLs. Is there a way to allow access to a URL (update.host.com) instead of entering the IP address as xx.xx.xx.xx?
Obviously, IP addresses can change so a rule based on allowing access to an IP address will break if the host moves.
-
Sorry, PF (the filter system) generates rules that use IP addresses.
-
OK, thanks for the quick answer - I was afraid that might be the case. The ability to use URL's into the rules (or at least into an alias) would be a nice feature at some point in the future.
Until that day arrives I'll hard code the IP addresses into an alias.