You only need the tcp rule if you plan on serving up zone transfers,
not if plan on only requesting them.
Well, very rare but answers that are over 512 bytes will have
to be sent
over tcp since the rfc 1035 mandates maximum 512 bytes for the udp
payload. So tcp is not just for zone transfers only.
True, but the client will then be responsible for opening up the tcp
session and since it will be EST, there is no need to define incoming
SYN packets no?
Hmm...no idea if a stateful udp role involves tcp at all...this requires
a netfilter dude to answer :-D
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos
