> If your firewall needs to perform *any* DNS queries, what happens if the DNS
> server(s) are down or unreachable when the firewall tries to restart? Does it
> fail in a way that you are happy with?

That's another defect in the ipfw client utility, it stops processing rules if it fails to look up something. There should at least be a switch to allow it to continue and ignore the lines it cannot do.

And in case you were wondering, I don't believe in perimeter security, so we run packet filters on all machines, not just on something some people call the magic-security-device-on-the-border alias "firewall".

Pete