I am searching for how to create Traffic Rules that restrict the source address to an FQDN (domain name), not to IP address numbers in quad-dotted notation.
I found and read information on the ipset and resolveip packages; however, I do not see any method in the LuCI web GUI for restricting source addresses in Firewall Traffic Rules to FQDNs without specifying a numbered ip.ip.ip.ip.
Just a thought on why this is not trivial: packets do not have a source/destination FQDN, they have a source/destination IP address. So, when should the FQDN be resolved to an IP address? When the rule is created? Each time a packet reaches the firewall?
What's the use case here?
As someone mentioned, when should we resolve the domain? And the most important thing: what is considered to be a trustworthy source? If your DNS points to a server with out-of-date information, then your firewall rule will be acting upon the wrong connection stream. And also, what if the DNS lookup fails? Then your firewall is simply stuck because it can't look it up.
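To make the "when to resolve" and "what if the lookup fails" points concrete, here is an added example script (mine, not from the thread or from OpenWrt) that periodically refreshes an ipset from an FQDN and, on a failed lookup, keeps the previous members instead of emptying the set. It assumes `resolveip` and `ipset` are installed, that a firewall rule already references the set by name, and that the set is `hash:ip` with IPv4 members only; `IPSET` and `RESOLVE` are overridable so the logic can be dry-run with stubs.

```shell
#!/bin/sh
# Refresh an ipset from an FQDN without ever leaving the set empty:
# if resolution fails, the previous members are kept, so a DNS outage
# does not silently turn a source-restricted rule into "match nothing".
# Assumptions (not from the thread): resolveip and ipset are installed,
# and the rule referencing the set already exists.
IPSET=${IPSET:-ipset}          # override with "echo" for a dry run
RESOLVE=${RESOLVE:-resolveip}  # prints one address per line, nothing on failure

# resolve_fqdn_v4 FQDN -> IPv4 addresses, one per line (IPv6 lines dropped)
resolve_fqdn_v4() {
    "$RESOLVE" -t 5 "$1" 2>/dev/null | grep -E '^[0-9]+(\.[0-9]+){3}$'
}

# refresh_ipset SETNAME FQDN
# Returns 0 on success, 1 when nothing resolved (set left untouched).
refresh_ipset() {
    set_name=$1
    fqdn=$2
    addrs=$(resolve_fqdn_v4 "$fqdn")
    if [ -z "$addrs" ]; then
        echo "refresh_ipset: $fqdn did not resolve; keeping $set_name as is" >&2
        return 1
    fi
    tmp="${set_name}_new"
    # build the new membership in a scratch set first
    "$IPSET" -exist create "$tmp" hash:ip || return 1
    "$IPSET" flush "$tmp"
    for a in $addrs; do
        "$IPSET" -exist add "$tmp" "$a"
    done
    # swap is atomic for the firewall: no window in which the set is empty
    "$IPSET" swap "$tmp" "$set_name"
    "$IPSET" destroy "$tmp"
}
```

Run it from cron (for example every few minutes) as `refresh_ipset allow_src host.example`; the DNS-trust concern above still applies, since the set is only as good as the resolver that fed it.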