DNS-based firewall rules

Would really like the ability to create rules based on DNS. Such as block all containing .malware.com or allow all \FriendsLANpc.

isn’t more simple add a rule to global rules group and block the ip od .malwarecom?

It’s a limited tool. You can’t for example put network zones like that. If I wanted to add “\Buddy” to the trusted networks I couldn’t. Also IPs change.