--- tcp_wrappers_7.6/tcpd.h.220015	2007-06-06 14:46:32.000000000 +0200
+++ tcp_wrappers_7.6/tcpd.h	2007-06-06 14:50:44.000000000 +0200
@@ -171,6 +171,8 @@
 extern void sock_hostname __P((struct host_info *));
 /* address to printable address */
 extern void sock_hostaddr __P((struct host_info *));
+/* resolve hostname */
+extern const char * sock_resolve __P((const char *hostname, int family));
 
 #define sock_methods(r) \
 	{ (r)->hostname = sock_hostname; (r)->hostaddr = sock_hostaddr; }
--- tcp_wrappers_7.6/hosts_access.c.220015	2007-06-06 14:46:32.000000000 +0200
+++ tcp_wrappers_7.6/hosts_access.c	2007-06-06 14:46:32.000000000 +0200
@@ -312,8 +312,28 @@
     } else if ((mask = split_at(tok, '/')) != 0) {	/* net/mask */
 	return (masked_match(tok, mask, eval_hostaddr(host)));
     } else {					/* anything else */
-	return (string_match(tok, eval_hostaddr(host))
-	    || (NOT_INADDR(tok) && string_match(tok, eval_hostname(host))));
+	int ret;
+	if ((ret = string_match(tok, eval_hostaddr(host))))
+	    return ret;
+
+	if (NOT_INADDR(tok)) {
+	    if ((ret = string_match(tok, eval_hostname(host))))
+		return ret;
+
+	    /* try to resolve the pattern and match the numeric
+	     * addresses */
+	    const char *tok_resolved = sock_resolve(tok, AF_INET);
+	    if (HOSTNAME_KNOWN(tok_resolved))
+		if ((ret = string_match(tok_resolved, eval_hostaddr(host))))
+		    return ret;
+
+	    tok_resolved = sock_resolve(tok, AF_INET6);
+	    if (HOSTNAME_KNOWN(tok_resolved))
+		if ((ret = string_match(tok_resolved, eval_hostaddr(host))))
+		    return ret;
+	}
+
+	return (NO);
     }
 }
 
--- tcp_wrappers_7.6/socket.c.220015	2007-06-06 14:46:32.000000000 +0200
+++ tcp_wrappers_7.6/socket.c	2007-06-06 14:46:32.000000000 +0200
@@ -435,3 +435,43 @@
 
     (void) recvfrom(fd, buf, sizeof(buf), 0, (struct sockaddr *) & sin, &size);
 }
+
+/* sock_resolve - resolve the hostname to ip and return a string */
+
+const char * sock_resolve(hostname, family)
+const char * hostname;
+int family;
+{
+    static struct host_info h;
+
+    memset(&h, 0, sizeof(h));
+
+    int ret;
+    struct addrinfo hints, *res;
+
+    memset(&hints, 0, sizeof(hints));
+    hints.ai_family = family;
+    hints.ai_socktype = SOCK_STREAM;
+    hints.ai_flags = AI_PASSIVE;
+
+    if ((ret = getaddrinfo(hostname, NULL, &hints, &res)) == 0) {
+	h.sin = res->ai_addr;
+	sock_hostaddr(&h);
+	freeaddrinfo(res);
+
+	/* we have to add [] to the ipv6 address, as the string_match funtion
+	 * will do a more correct match then */
+	if (family == AF_INET6) {
+	    int len = strlen(h.addr);
+	    memmove(h.addr + 1, h.addr, len + 1);
+	    h.addr[0] = '[';
+	    h.addr[len + 1] = ']';
+	    h.addr[len + 2] = 0;
+	}
+
+	return h.addr;
+    } else {
+	tcpd_warn("can't get pattern (%s) address: %s", hostname, gai_strerror(ret));
+	return STRING_UNKNOWN;
+    }
+}