3

I have a CentOS server and only want to allow outgoing connections to specific domains (allowlist). My thought was to have a DNS proxy which adds the allowed IPs (only IPv4 needed) to nftables named sets. Is there an easy solution for this already?

Edit: Alternatively I would create a script which would update the entries in /etc/hosts and nftables, but it seems a bit error-prone to me, if the server-ip changes.

Alai

1 Answer

1

I created a script which updates the entries in /etc/hosts and a set in nftables. It works well without problems; also, I don't think it is an elegant solution.

Alai
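A sketch of the kind of script the answer describes, added here as an example and not the answerer's own code: it resolves each allowlisted domain, replaces the nftables set in one atomic `nft -f` transaction, and pins the same addresses in a marked block of /etc/hosts so applications connect to exactly the IPs the firewall allows. Assumed names: an existing `inet filter` table with a set `allowed_out` of type `ipv4_addr` referenced by an output rule, and the marker comments.

```sh
#!/bin/sh
# Added example. Table/set names and marker text are assumptions.
NFT_TABLE="inet filter"
NFT_SET="allowed_out"
MARK_BEGIN="# BEGIN egress-allowlist"
MARK_END="# END egress-allowlist"

# Keep only well-formed "IPv4 name" pairs. Resolver output is untrusted
# input here: it is pasted into an nft script and into /etc/hosts.
valid_pairs() {
    awk 'NF == 2 && $1 ~ /^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+$/ &&
         $2 ~ /^[A-Za-z0-9.-]+$/ {
        split($1, o, "."); ok = 1
        for (i = 1; i <= 4; i++)
            if ((o[i] + 0) "" != o[i] || o[i] + 0 > 255) ok = 0
        if (ok) print $1, $2
    }'
}

# Pairs on stdin -> nft batch on stdout. Fails without output when no
# address survives validation, so a resolver outage never empties the set.
nft_batch() {
    ips=$(valid_pairs | awk '{print $1}' | sort -u | paste -sd, -)
    [ -n "$ips" ] || return 1
    printf 'flush set %s %s\n' "$NFT_TABLE" "$NFT_SET"
    printf 'add element %s %s { %s }\n' "$NFT_TABLE" "$NFT_SET" "$ips"
}

# $1 = current hosts file, $2 = pairs file. Prints the new hosts file.
hosts_render() {
    awk -v b="$MARK_BEGIN" -v e="$MARK_END" '
        $0 == b { skip = 1; next }
        $0 == e { skip = 0; next }
        !skip' "$1"
    echo "$MARK_BEGIN"
    valid_pairs < "$2" | sort -u
    echo "$MARK_END"
}

# Usage (as root): script --apply domain1 domain2 ...
# dig is used instead of getent because it bypasses the pinned /etc/hosts.
if [ "${1:-}" = "--apply" ]; then
    shift; tmp=$(mktemp -d) || exit 1
    for d in "$@"; do
        dig +short A "$d" | awk -v d="$d" '{print $1, d}'
    done > "$tmp/pairs"
    nft_batch < "$tmp/pairs" > "$tmp/batch" || { echo "no answers" >&2; exit 1; }
    hosts_render /etc/hosts "$tmp/pairs" > "$tmp/hosts"
    nft -f "$tmp/batch" && cat "$tmp/hosts" > /etc/hosts
    rm -rf "$tmp"
fi
```

Run it from cron or a systemd timer at an interval shorter than the domains' DNS TTLs; a domain that fails to resolve in a given run drops out of the set until the next successful run.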