Creating rules to allow access to/from dyndns.org hostnames

General discussions about Little Snitch
kzintar
Posts: 1
Joined: Wed Aug 01, 2018 7:58 pm

Creating rules to allow access to/from dyndns.org hostnames

Postby kzintar » Wed Aug 01, 2018 11:48 pm

Apologies for creating a new topic for this issue if one already exists, but a quick search of the forums didn't find anything that seems to apply.

I have a server with with an ISP (DHCP) assigned IP address.

The ISP changes the IP address periodically, so I use dyndns in order to remotely access the server by name (instead of by IP address.)

I've tried creating a Little Snitch rule to permit an outgoing connection to the server by name, but Little Snitch insists on ignoring this rule and prompts me to allow access by the server's IP address.

FWIW, I've tried creating both 'hostname' and 'domain' rules, but whether the rule is based on 'hostname' or 'domain', Little Snitch ignores the fact that the the server's hostname name (e.g., xyzzy123.dyndns.org) resolves to the IP address (e.g., 12.34.56.78) and an attempt to access xyzzy123.dyndns.org will result in a Little Snitch prompt that asks me to approve access to IP address 12.34.56.78.

Yes, I've confirmed that xyzzy123.dyndns.org resolves to 12.34.56.78.

No, using a range of IP addresses in a rule isn't an option nor a solution (for me). Two reasons... 1) I don't want my MacBook to be able to access *any* IP addresses that I don't recognize & specifically approve (this is why I use Little Snitch :-) 2) I use dyndns *specifically* so that I don't need to know the IP address of my server; I don't want to have to know the server's IP address in order to approve Little Snitch's prompts.

Examples of the rules follow below.

Am I doing something wrong in these rules?

If I'm not doing something wrong, how do I submit a bug report?

If this behavior isn't viewed as a 'bug', how do I submit an enhancement request?

Thanks,

kz.

rule examples...

hostname rule:
action: allow
direction: outgoing
priority: regular
process: /usr/libexec/awacsd
owner: system
destination: xyzzy123.dyndns.org
port: any
protocol: any

domain rule:
action: allow
direction: outgoing
priority: regular
process: /usr/libexec/awacsd
owner: system
destination: domain xyzzy123.dyndns.org
port: any
protocol: any

Return to “Little Snitch General”

Who is online

Users browsing this forum: No registered users and 1 guest