[Dnsmasq-discuss] Integration with iptables?

Joachim Zobel jz-2014 at heute-morgen.de
Fri Jun 12 06:53:40 BST 2015


Hi.

A use case for my router would be:

Block all outgoing traffic except for that going to the domain
whatsapp.net. Note: No way to do this by port, WhatsApp is using
HTTP(S).

Since there is no way to list the hosts in a domain this would require a
way for dnsmasq to talk to iptables. Any suggestions on how to do that?

tail -f dnsmasq-query.log | add_iptables_rules.sh 

could do that, but maybe this is worth implementing a way to talk to
iptables. Can iptables tag IP addresses?

There are lots of similar use cases, e.g.:

Block everything from my TV except for 
1. the request to test network connectivity and
2. all traffic going to Netflix.

In general, control over the outgoing traffic needs cooperation from
DNS. 

Sincerely,
Joachim
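
Added example, not part of the original message and not dnsmasq project code: one way the add_iptables_rules.sh stage of the pipeline above could look, validating everything it takes from the log before it reaches iptables. The function names, the FORWARD chain, a default-deny policy on that chain, the --stdin switch and the log line layout are assumptions; the log lines are constructed.

```shell
#!/bin/sh
# Added example (not from the post): hypothetical add_iptables_rules.sh.
# Assumes dnsmasq log-queries output in the syslog-style form of sample_log.
ALLOWED_DOMAIN="${ALLOWED_DOMAIN:-whatsapp.net}"
CHAIN="${CHAIN:-FORWARD}"   # assumed chain with a default-deny policy

# Log content is attacker-influenced: accept only a strict dotted quad.
is_ipv4() {
    case "$1" in ''|*[!0-9.]*|*..*|.*|*.) return 1 ;; esac
    old_ifs=$IFS; IFS=.; set -- $1; IFS=$old_ifs
    [ $# -eq 4 ] || return 1
    for o in "$@"; do
        [ "${#o}" -le 3 ] && [ "$o" -le 255 ] || return 1
    done
}

# Domain itself or a true subdomain; "evilwhatsapp.net" must not pass.
in_domain() { case "$1" in "$ALLOWED_DOMAIN"|*."$ALLOWED_DOMAIN") return 0 ;; esac; return 1; }

# DRY_RUN=1 (default) prints the command; DRY_RUN=0 executes it (needs root).
emit() { if [ "${DRY_RUN:-1}" = 1 ]; then echo "$*"; else "$@"; fi; }

# Read log lines on stdin; emit one ACCEPT rule per new in-domain address.
rules_from_log() {
    seen=" "
    while read -r _mon _day _time _proc kind name is addr _rest; do
        case "$kind" in reply|cached) ;; *) continue ;; esac
        [ "$is" = is ] || continue
        name=$(printf '%s' "$name" | tr 'A-Z' 'a-z')   # DNS names are case-insensitive
        in_domain "$name" || continue
        is_ipv4 "$addr" || continue                    # drops <CNAME>, IPv6, junk
        case "$seen" in *" $addr "*) continue ;; esac  # no duplicate rules
        seen="$seen$addr "
        emit iptables -I "$CHAIN" -d "$addr" -j ACCEPT
    done
}

# Constructed sample log lines (documentation address ranges).
sample_log() { cat <<'EOF'
Jun 12 06:50:01 dnsmasq[1234]: query[A] e1.whatsapp.net from 192.168.1.20
Jun 12 06:50:01 dnsmasq[1234]: reply e1.whatsapp.net is 203.0.113.10
Jun 12 06:50:02 dnsmasq[1234]: cached e1.whatsapp.net is 203.0.113.10
Jun 12 06:50:03 dnsmasq[1234]: reply evilwhatsapp.net is 198.51.100.7
Jun 12 06:50:04 dnsmasq[1234]: reply e2.whatsapp.net is <CNAME>
Jun 12 06:50:05 dnsmasq[1234]: reply E4.WhatsApp.net is 203.0.113.11
EOF
}
if [ "${1:-}" = "--stdin" ]; then rules_from_log; fi
```

Because the rule is added only after the log line is read, a client's first connection can arrive before its ACCEPT rule exists. An address logged under a CNAME target outside the allowed domain is skipped by the name check.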
