Hi there!
I need to block ICMP echo requests from all addresses except one defined by hostname. I created two firewall rules. The first one allows ICMP echo requests from the needed host and the second blocks all other ICMP requests. For example, I’m trying to ping my machine using the ping service on kloth.net. It pings me from the address 88.198.39.133. When I set this address in the first rule, everything works fine. Only this host can ping me. But when I set in the first rule the hostname given by the command ‘nslookup 88.198.39.133’ (it’s gnu.qrq.de), the firewall blocks the pings by the second rule. I thought maybe this domain name is resolved by DNS to another IP address. But I tried to resolve the name ‘gnu.qrq.de’ with nslookup and it resolved to the same IP address, 88.198.39.133. What’s wrong? How does filtering by hostname work in general? Does the firewall send a reverse DNS request with the IP address from the packet header when deciding whether to allow the packet or not? Or is it implemented another way?