Re: [m0n0wall-dev] Re: [m0n0wall-commits] r397 - in branches/freebsd6: . phpconf/inc webgui

From:	Scott Ullrich <sullrich at gmail dot com>
To:	Andrew White <andywhite at gmail dot com>
Cc:	Chris Buechler <cbuechler at gmail dot com>, m0n0wall dash dev at lists dot m0n0 dot ch
Subject:	Re: [m0n0wall-dev] Re: [m0n0wall-commits] r397 - in branches/freebsd6: . phpconf/inc webgui
Date:	Mon, 19 Jul 2010 15:28:02 -0400

On Mon, Jul 19, 2010 at 4:50 AM, Andrew White <andywhite at gmail dot com> wrote:

> [snip]
> I assume pfSense doesn't have this on by default, which is why it's on the
> list ?
>

pfSense has this on by default and goes even further by checking the headers
and will prevent the page from loading altogether when we detect a rebind
occurrence.

This change will also break dns forwarder domain forwarding if you do not
define a ----dns-rebind-ok=domain.com in the dnsmasq configuration however
that option requires a newer option of dnsmasq which will result in the
isc-dhcp-leases code being removed.

Scott