On Fri, 9 Dec 2005, Jonathan M. Prigot wrote:
> A number of months ago, we were hit by a virus that caused our machines to
> open numerous popups to numerous adware sites. In an effort to control that
> then and forever (ha!), we placed the addresses of the adware sites into a
> table and told pf to block access to them. When I rebooted our firewall
> recently, pf did not start due to one of the addresses being unresolvable.
> This caused all connections to be blocked. Has this been fixed in later
> releases of OBSD, or has anyone developed a work around for this?
>
> # pfctl -Tload -f pf.conf
> no IP address found for dsl-80-46-67-1.access.xxxx.com
> pf.conf:17: file "/etc/blocked-sites" contains bad data
> pfctl: Syntax error in config file: pf rules not loaded
>
Why would you not use IPs, where no DNS lookup is required?
Lee
