Date: Sun, 01 Jun 2003 14:44:29 -0400 From: Chuck Swiger <cswiger@mac.com> To: Petri Helenius <pete@he.iki.fi> Cc: freebsd-net@freebsd.org Subject: Re: ipfw and hostnames Message-ID: <3EDA498D.3000307@mac.com> In-Reply-To: <001f01c32831$296b9210$812a40c1@PETEX31> References: <001f01c32831$296b9210$812a40c1@PETEX31>
next in thread | previous in thread | raw e-mail | index | archive | help
Petri Helenius wrote: > How do I compile/load ipfw kld so that it has "default to accept" which seems to be > required to allow hostnames to be used in firewall configuration loaded at boot time. You are strongly advised to use IP addresses instead of hostnames in firewall rulesets, to avoid DNS spoofing attacks subverting your firewall. Ideally, your firewall should function without depending on any external network resources. -- -Chuck
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?3EDA498D.3000307>