ipfw and hostnames

[Chuck Swiger]

Petri Helenius wrote:
> How do I compile/load ipfw kld so that it has "default to accept" which seems to be
> required to allow hostnames to be used in firewall configuration loaded at boot time.

You are strongly advised to use IP addresses instead of hostnames in firewall 
rulesets, to avoid DNS spoofing attacks subverting your firewall.  Ideally, your 
firewall should function without depending on any external network resources.

-- 
-Chuck