Bill - I don't advocate using reverse-lookups as a criteria for dropping packets. Based on my experience with looking log files, there are "good people" with faulty DNS lookups, and also "bad people" with valid DNS lookups. Use the firewall to only allow access to the services that you're providing, and then use a filter to restrict packets based on content. -----Original Message----- From: redhat-list-bounces@xxxxxxxxxx on behalf of Bill Tangren Sent: Thu 12/15/2005 11:15 AM To: redhat-list@xxxxxxxxxx Cc: Subject: [OT?] Firewall problems Our firewall administer says he does the reverse lookups to prevent/minimize spoofing. My question is, what is SOP for firewall reverse lookups? Thanks, Bill
-- redhat-list mailing list unsubscribe mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe https://www.redhat.com/mailman/listinfo/redhat-list
