Firewall Wizards mailing list archives
Re: IP over DNS.
From: Darren Reed <avalon () coombs anu edu au>
Date: Wed, 13 Sep 2000 11:26:24 +1100 (Australia/NSW)
In some mail from Alex Goldney, sie said:
Well, you could avoid a full proxy based firewall, you just need to ensure you use a split DNS configuration with appropriately crafted PF rules to ensure all DNS traffic must go through your DNS proxy. That doesn't preclude you from letting other traffic in/out without proxying. Of course, you might still want to use a proxy based firewall in any case :-)
A DNS proxy will pass the IP over DNS packets just fine, back and forth. There could be half a dozen named's linked together as "forwarders" and it will still work. Darren _______________________________________________ Firewall-wizards mailing list Firewall-wizards () nfr net http://www.nfr.net/mailman/listinfo/firewall-wizards
Current thread:
- IP over DNS. Darren Reed (Sep 12)
- Re: IP over DNS. Ryan Russell (Sep 13)
- Re: IP over DNS. Mikael Olsson (Sep 13)
- Re: IP over DNS. Matt Cramer (Sep 13)
- Re: IP over DNS. Darren Reed (Sep 16)
- <Possible follow-ups>
- Re: IP over DNS. Alex Goldney (Sep 13)
- Re: IP over DNS. Darren Reed (Sep 13)
- RE: IP over DNS. Frank Knobbe (Sep 16)
- RE: IP over DNS. Bill_Royds (Sep 18)
- Re: IP over DNS. Darren Reed (Sep 19)