Date: Mon, 27 Oct 1997 13:11:09 GMT From: Michael Ryan <mike@NetworX.ie> To: FreeBSD Support <questions@freebsd.org> Subject: dfilter in iijppp Message-ID: <ECS9710271309A@NetworX.ie>
next in thread | raw e-mail | index | archive | help
Hi Folks, I have set up iijppp for dial-on-demand. It's working great. Now, I want to install dfilter rules to determine what brings up the link. I want -only- http traffic (dst port = 80) to bring up the link. I'm using Squid as a proxy http cache. But, the first thing Squid will do is try to resolve the hostname into an IP address using DNS. Therefore, I would also have to allow DNS traffic to activate the link, or Squid will fail, saying it can't resolve the hostname. But, once I do this, then just about every service will cause the link to come up, e.g. both sendmail and ping will try to resolve hostnames as well. Is there any way in practise to implement intelligent dfilter rule sets. It seems to me that enabling DNS to activeate the link (as seems to be required to get Squid to work) will implicitely allow any service to activate the link... Bye, Mike <mike@NetworX.ie> ---
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?ECS9710271309A>