Dynamically receive IPs

Post by Jigne » Sun, 06 Jul 2003 15:45:43



Hello,

I have developed a firewall on FreeBSD 4.7. When any packet is received
by the firewall, the IP is searched for in a relational database. If the
firewall finds the IP in the database, then the URL is blocked; otherwise
the URL is allowed to the user.

Problem

I have entered the URL "www.yahoo.com" and all its possible IPs. But
sometimes the firewall is restricting the URL and sometimes it is not.
Then I found that the firewall is taking a different IP which I have not
entered in the database.

1) How can I receive all possible IPs of a URL (like
www.google.com, www.yahoo.com)?
2) Since IPs on the Net frequently change, how can I manage all these
changes?

Thanking You.

 
 
 

Dynamically receive IPs

Post by Nick Gazaloff81460722 » Sun, 06 Jul 2003 16:07:52


On 4 Jul 2003 23:45:43 -0700


> Hello,

> I have developed a firewall on FreeBSD 4.7. When any packet is received
> by the firewall, the IP is searched for in a relational database. If the
> firewall finds the IP in the database, then the URL is blocked; otherwise
> the URL is allowed to the user.

> Problem

> I have entered the URL "www.yahoo.com" and all its possible IPs. But
> sometimes the firewall is restricting the URL and sometimes it is not.
> Then I found that the firewall is taking a different IP which I have not
> entered in the database.

> 1) How can I receive all possible IPs of a URL (like
> www.google.com, www.yahoo.com)?
> 2) Since IPs on the Net frequently change, how can I manage all these
> changes?

> Thanking You.


; <<>> DiG 9.2.2 <<>> www.yahoo.com
;; global options:  printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 63418
;; flags: qr rd ra; QUERY: 1, ANSWER: 9, AUTHORITY: 8, ADDITIONAL: 0

;; QUESTION SECTION:
;www.yahoo.com.                 IN      A

;; ANSWER SECTION:
www.yahoo.com.          1800    IN      CNAME   www.yahoo.akadns.net.
www.yahoo.akadns.net.   300     IN      A       216.109.125.65
www.yahoo.akadns.net.   300     IN      A       216.109.125.66
www.yahoo.akadns.net.   300     IN      A       216.109.125.68
www.yahoo.akadns.net.   300     IN      A       216.109.125.71
www.yahoo.akadns.net.   300     IN      A       216.109.125.75
www.yahoo.akadns.net.   300     IN      A       216.109.125.76
www.yahoo.akadns.net.   300     IN      A       216.109.125.77
www.yahoo.akadns.net.   300     IN      A       216.109.125.78

;; AUTHORITY SECTION:
akadns.net.             35206   IN      NS      zc.akadns.net.
akadns.net.             35206   IN      NS      zf.akadns.net.
akadns.net.             35206   IN      NS      use2.akam.net.
akadns.net.             35206   IN      NS      use4.akam.net.
akadns.net.             35206   IN      NS      usw5.akam.net.
akadns.net.             35206   IN      NS      asia3.akam.net.
akadns.net.             35206   IN      NS      ns1-93.akam.net.
akadns.net.             35206   IN      NS      ns1-159.akam.net.

;; Query time: 529 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Sat Jul  5 11:01:41 2003
;; MSG SIZE  rcvd: 352

You can use a resolver library (e.g. your system's one) for it. But calling a resolver on every packet is not a solution. If all you want to do is block URLs, then install an HTTP proxy server like Squid, which can block them very effectively.

--

Best regards,
Nick
(GPG Key ID: 4396B2D0, fingerprint: 648E C3FE ACF6 A730 FF52 D717 776D 1CB0 4396 B2D0)
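
An added example, not part of either post: it parses the ANSWER section of the dig output above, follows the CNAME chain to the current address set, and reports the smallest TTL, which bounds how long an IP list in the firewall database can be trusted. The function names and the `stored` rows are assumptions made for illustration.

```python
import ipaddress

# Answer section copied from the dig output in the reply above.
DIG_ANSWER = """\
www.yahoo.com.          1800    IN      CNAME   www.yahoo.akadns.net.
www.yahoo.akadns.net.   300     IN      A       216.109.125.65
www.yahoo.akadns.net.   300     IN      A       216.109.125.66
www.yahoo.akadns.net.   300     IN      A       216.109.125.68
www.yahoo.akadns.net.   300     IN      A       216.109.125.71
www.yahoo.akadns.net.   300     IN      A       216.109.125.75
www.yahoo.akadns.net.   300     IN      A       216.109.125.76
www.yahoo.akadns.net.   300     IN      A       216.109.125.77
www.yahoo.akadns.net.   300     IN      A       216.109.125.78
"""

def parse_records(text):
    """Parse 'name ttl class type rdata' lines, skipping ';' comments."""
    records = []
    for line in text.splitlines():
        fields = line.split()
        if len(fields) == 5 and not line.startswith(";") and fields[1].isdigit():
            name, ttl, _cls, rtype, rdata = fields
            records.append((name.lower(), int(ttl), rtype.upper(), rdata))
    return records

def addresses_and_ttl(hostname, records, max_depth=8):
    """Follow the CNAME chain; return (sorted A addresses, smallest TTL seen)."""
    name, ttls = hostname.lower().rstrip(".") + ".", []
    for _ in range(max_depth):  # bounded so a CNAME loop cannot spin forever
        mine = [r for r in records if r[0] == name]
        ttls += [ttl for _, ttl, _, _ in mine]
        addrs = sorted(ipaddress.IPv4Address(d) for _, _, t, d in mine if t == "A")
        if addrs:
            return [str(a) for a in addrs], min(ttls)
        cnames = [d.lower() for _, _, t, d in mine if t == "CNAME"]
        if not cnames:
            break
        name = cnames[0]
    return [], (min(ttls) if ttls else None)

def blocklist_delta(stored_ips, current_ips):
    """Return (to_add, to_remove) needed to bring the stored rows up to date."""
    stored, current = set(stored_ips), set(current_ips)
    return sorted(current - stored), sorted(stored - current)

if __name__ == "__main__":
    ips, ttl = addresses_and_ttl("www.yahoo.com", parse_records(DIG_ANSWER))
    stored = ["216.109.125.65", "216.109.125.66", "216.109.125.70"]  # constructed rows
    print(ips, "re-resolve within", ttl, "s", blocklist_delta(stored, ips))
```

With a 300-second TTL on the A records, a stored IP list has to be re-resolved at least every five minutes to stay current, which is the maintenance cost that matching on the hostname in a proxy avoids.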