Once upon a time, Brielle Bruns <br...@2mbit.com> said:
> UDP is a fun protocol - stateless, so blocking a DST of 53/UDP to
> the customer also will block responses to recursive queries that
> originate from SRC 53/UDP. Connection tracking sorta makes it
> stateful to a point, but it can get ugly with enough traffic.
Sending queries from port 53 has been considered bad behavior and
deprecated for what, 15 years now?

--
Chris Adams <c...@cmadams.net>