Allow domain-names in ExitPolicy
Apparently ExitPolicy will only take an IP address literal (no domain names); when I try that, I get error messages like:
[warn] Malformed IP "chat.freenode.net" in address pattern; rejecting. [warn] Couldn't parse line "chat.freenode.net:6665-6667". Dropping
If I list a domain-name there, I guess there are two ways it could be interpreted:
- At load-time, pull DNS records, follow all pointers, translate all A and AAAA records
- At connection-time (for all connections), do a reverse lookup, compare to the result
For maximum flexibility, support both, on a per-rule basis?
Trac:
Username: davidl
To upload designs, you'll need to enable LFS and have an admin enable hashed storage. More information