[ previous ] [ next ] [ threads ]
 
 From:  Scott Ullrich <sullrich at gmail dot com>
 To:  Andrew White <andywhite at gmail dot com>
 Cc:  Chris Buechler <cbuechler at gmail dot com>, m0n0wall dash dev at lists dot m0n0 dot ch
 Subject:  Re: [m0n0wall-dev] Re: [m0n0wall-commits] r397 - in branches/freebsd6: . phpconf/inc webgui
 Date:  Mon, 19 Jul 2010 15:28:02 -0400
On Mon, Jul 19, 2010 at 4:50 AM, Andrew White <andywhite at gmail dot com> wrote:

> [snip]
> I assume pfSense doesn't have this on by default, which is why it's on the
> list ?
>


pfSense has this on by default and goes even further by checking the headers
and will prevent the page from loading altogether when we detect a rebind
occurrence.

This change will also break dns forwarder domain forwarding if you do not
define a ----dns-rebind-ok=domain.com in the dnsmasq configuration however
that option requires a newer option of dnsmasq which will result in the
isc-dhcp-leases code being removed.

Scott