We've recently added several iptables-based load balancers to the DNS based linux-balancer.cryptostorm.net (and windows-balancer.cryptostorm.net), but haven't yet announced it anywhere.
The reason for this new type of balancer is that we've ordered a lot more IPs for several of the servers to give people more exit IP options to help them bypass any VPN bans or whatever.
Problem is, if we added all these new IPs to linux-balancer.cryptostorm.net or windows-balancer.cryptostorm.net, it would send a disproportionate number of people to the servers with the extra IPs instead of evenly distributing clients among all the servers.
Plus, most of these new IPs are in groups of /26 subnets (30 IPs), and adding 30 IPs per new group would make the DNS balancers have too many IPs.
So the solution I came up with was to use the iptables statistic module's --probability option (see http://ipset.netfilter.org/iptables-extensions.man.html
) as a sort of makeshift load balancer.
In the case of the Linux England instance, the way it works is a client connects to 18.104.22.168, which is listed in linux-balancer.cryptostorm.net, then the above iptables module will forward them to one of the new IPs you got when you resolved linux-england.cryptostorm.net.
Doing it this way, linux-balancer doesn't get filled up with linux-england IPs, so everything gets distributed evenly.
Currently, the nodes that have new IPs are paris, romania, england, and frankfurt. The Chicago (ussouth) server is going to be replaced in about a week or so, when the new one comes up it'll also include 30 or so new IPs.
Anyways, back to your issue.
Instead of using DNS to gather a list of all the exit IPs, use the file at https://cryptostorm.is/whitelist
It contains all the possible exit IPs, and it's always up-to-date since it's used by https://cryptostorm.is/test
and a few other pages to determine if your IP is a CS IP or not.
You could run a cronjob that grabs that list every so often, and run it through | grep -v \# to have it remove the comments. The only thing in that file exit IPs and # comments containing the internal node name
In the latest version of the widget, I've had to rewrite the killswitch because it too was using windows-balancer.cstorm.pw to get the list of VPN IPs.
The replacement I decided to go with was to use the node list @ https://cryptostorm.nu/nodelist3.txt
(which the widget already comes with), resolving the hostname at the end of each line.
Doing it that way is probably easier, because it accounts for any new servers that have lotsa IPs.