diff --git a/roles/iptables/templates/ip6tables.j2 b/roles/iptables/templates/ip6tables.j2
index bb22bcb..1cd83c5 100644
--- a/roles/iptables/templates/ip6tables.j2
+++ b/roles/iptables/templates/ip6tables.j2
@@ -12,8 +12,13 @@
 {% endif %}
 {% for rule in firewall_in %}
 {% if rule.from is defined %}
-{% for from in rule.from | ipv6 %}
+{% for from in rule.from %}
+{% if not from | ipv4 and not from | ipv6 %}
+{% set from = lookup('dig', from) %}
+{% endif %}
+{% if from | ipv6 %}
 -A INPUT -m state --state NEW -m {{ rule.proto }} -p {{ rule.proto }} -s {{ from }} --dport {{ rule.port }} -j ACCEPT
+{% endif %}
 {% endfor %}
 {% else %}
 -A INPUT -m state --state NEW -m {{ rule.proto }} -p {{ rule.proto }} --dport {{ rule.port }} -j ACCEPT
diff --git a/roles/iptables/templates/iptables.j2 b/roles/iptables/templates/iptables.j2
index 2e558a1..3067542 100644
--- a/roles/iptables/templates/iptables.j2
+++ b/roles/iptables/templates/iptables.j2
@@ -12,8 +12,13 @@
 {% endif %}
 {% for rule in firewall_in %}
 {% if rule.from is defined %}
-{% for from in rule.from | ipv4 %}
+{% for from in rule.from %}
+{% if not from | ipv4 and not from | ipv6 %}
+{% set from = lookup('dig', from) %}
+{% endif %}
+{% if from | ipv4 %}
 -A INPUT -m state --state NEW -m {{ rule.proto }} -p {{ rule.proto }} -s {{ from }} --dport {{ rule.port }} -j ACCEPT
+{% endif %}
 {% endfor %}
 {% else %}
 -A INPUT -m state --state NEW -m {{ rule.proto }} -p {{ rule.proto }} --dport {{ rule.port }} -j ACCEPT
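Review bot: In ip6tables.j2 the added `lookup('dig', from)` passes no query type, and as far as I know dig asks for A records by default, so a hostname resolves to an IPv4 address, fails the following `{% if from | ipv6 %}` and produces no rule. The host is then silently missing from the IPv6 allow-list instead of being reported at deploy time. Request the AAAA record explicitly: `{% set from = lookup('dig', from, 'qtype=AAAA') %}`. The enclosing `{% for rule in firewall_in %}` loop closes outside the hunk.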
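Review bot: In iptables.j2 the `-s` address of the ACCEPT rule is now whatever the control node's resolver answers at render time, and the `{% if from | ipv4 %}` guard discards every other answer without any trace. A name with several A records comes back from `lookup` as one comma-joined string unless `wantlist=True` is passed, and a failed lookup presumably comes back as a non-address string; both fail the guard, so the rule silently disappears. I would iterate over the answers as a list, as sketched below, and add a template comment saying that hostnames are resolved once at deploy time, so the firewall trusts that single DNS answer until the next run. The same shape applies to ip6tables.j2 with `qtype=AAAA` and `| ipv6`. The outer `firewall_in` loop ends outside the hunk.

```jinja
{% for from in rule.from %}
{# Hostnames are resolved once, on the control node, when this template is rendered. #}
{% set sources = [from] if (from | ipv4 or from | ipv6) else lookup('dig', from, 'qtype=A', wantlist=True) %}
{% for src in sources if src | ipv4 %}
-A INPUT -m state --state NEW -m {{ rule.proto }} -p {{ rule.proto }} -s {{ src }} --dport {{ rule.port }} -j ACCEPT
{% endfor %}
{% endfor %}
{# … unchanged: else branch emitting the rule without -s … #}
```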