ipfw and hostnames
cswiger at mac.com
Sun Jun 1 11:44:42 PDT 2003
Petri Helenius wrote:
> How do I compile/load ipfw kld so that it has "default to accept" which seems to be
> required to allow hostnames to be used in firewall configuration loaded at boot time.
You are strongly advised to use IP addresses instead of hostnames in firewall
rulesets, to avoid DNS spoofing attacks subverting your firewall. Ideally, your
firewall should function without depending on any external network resources.
More information about the freebsd-net