Egress filtering to update.host.com instead of xx.xx.xx.xx?
I'm running 1.2.3-RC3 and have the pfSense book and pfSense is running very nicely in general. The book is a big help and has answered all but one of my questions …
My current task is to move a mail server running on XP-Pro (AltN MDaemon) behind the OPT1 interface - this has gone well except that the mail server checks some external hosts for virus updates, Spam Assassin rule updates etc. I can allow these checks to specific IP addresses but I'd prefer to write a rule that allowed access to a URL.
However the alias and rules all seem to want IP addresses - not URLs. Is there a way to allow access to a URL (update.host.com) instead of entering the IP address as xx.xx.xx.xx?
Obviously, IP addresses can change so a rule based on allowing access to an IP address will break if the host moves.
Sorry, PF (the filter system) generates rules that use IP addresses.
OK, thanks for the quick answer - I was afraid that might be the case. The ability to use URL's into the rules (or at least into an alias) would be a nice feature at some point in the future.
Until that day arrives I'll hard code the IP addresses into an alias.