Allow domain-names in ExitPolicy

Apparently ExitPolicy will only take an IP address literal (no domain names); when I try that, I get error messages like:

[warn] Malformed IP "chat.freenode.net" in address pattern; rejecting. [warn] Couldn't parse line "chat.freenode.net:6665-6667". Dropping

If I list a domain-name there, I guess there are two ways it could be interpreted:

1. At load-time, pull DNS records, follow all pointers, translate all A and AAAA records
2. At connection-time (for all connections), do a reverse lookup, compare to the result

For maximum flexibility, support both, on a per-rule basis?

Trac:
Username: davidl