Example
Let's say I'm working with iptables or nftables.
I want to allow certain traffic, like the following:
iptables -A OUTPUT -d 192.168.1.1 -p udp --dport 53 -j ACCEPT
iptables -A INPUT -s 192.168.1.1 -p udp --sport 53 -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
Can the first rule be expanded to also inspect the packet containing the DNS query, allowing only packets that contain *.wetransfer.com as the requested query and dropping everything else?
I think this falls under what is called Deep Packet Inspection, but how can it be done in terms of iptables/nftables?
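
One way the first rule could be narrowed, as an added example that is not part of the original post: the iptables `string` match compares raw payload bytes, so the name has to be written in DNS wire format (length-prefixed labels ending in a zero byte). The function names `dns_hex_pattern` and `dns_allow_rules` are hypothetical, and the script only prints the rules instead of installing them.

```shell
#!/bin/sh
# Added example: build an iptables --hex-string pattern for a DNS name.
# On the wire, "wetransfer.com" is 0x0a "wetransfer" 0x03 "com" 0x00.
# The leading length byte stops "notwetransfer.com" from matching and the
# trailing 0x00 stops "wetransfer.com.example.org" from matching, while any
# subdomain (*.wetransfer.com) still ends with the same byte sequence.

dns_hex_pattern() {
    domain=${1%.}                      # tolerate a trailing root dot
    # Reject empty input and any byte that could break the |hex| syntax.
    case $domain in
        ""|*[!A-Za-z0-9._-]*) return 1 ;;
    esac
    out=""
    old_ifs=$IFS
    IFS=.
    for label in $domain; do
        len=${#label}
        # A DNS label is 1..63 bytes long.
        [ "$len" -ge 1 ] && [ "$len" -le 63 ] || { IFS=$old_ifs; return 1; }
        out="${out}|$(printf '%02x' "$len")|${label}"
    done
    IFS=$old_ifs
    printf '%s|00|\n' "$out"
}

# $1 = resolver address (assumption: the 192.168.1.1 from the question)
# $2 = allowed domain
dns_allow_rules() {
    pat=$(dns_hex_pattern "$2") || return 1
    # Accept queries whose payload contains the encoded name; --icase is
    # used because DNS names are case-insensitive on the wire.
    echo "iptables -A OUTPUT -d $1 -p udp --dport 53 -m string --algo bm --icase --hex-string \"$pat\" -j ACCEPT"
    # Everything else sent to the resolver on UDP/53 is dropped.
    echo "iptables -A OUTPUT -d $1 -p udp --dport 53 -j DROP"
}

dns_allow_rules 192.168.1.1 wetransfer.com
```

The match is a byte-pattern search over the packet, not a DNS parser, so it is a coarse filter and does not cover DNS over TCP or encrypted DNS. The reply rule with `--ctstate RELATED,ESTABLISHED` from the question stays as it is.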