[ previous ] [ next ] [ threads ]
 
 From:  Adam Sosnowski <Adam dot Sosnowski at fransmaas dot com dot pl>
 To:  Paul Taylor <PaulTaylor at winn dash dixie dot com>
 Cc:  m0n0wall at lists dot m0n0 dot ch
 Subject:  Re: [m0n0wall] logical name against IP address
 Date:  Thu, 27 Oct 2005 14:32:44 +0200
Thank's Paul,

I did not know what for the aliases are.
You are right about poison DNS.

Best regards,
Adam Sosnowski
IT-Department Promexim LTD Warsaw Office
Frans Maas Poland Group
Ph.: +48 (22) 67 06 889 Fax : +48 (22) 67 06 802
Mob.: +48 (0) 506 00 33 83
adam dot sosnowski at fransmaas dot com dot pl  www.fransmaas.pl




> Adam,
> 
> 	If you are referring to the firewall rules, you can create aliases,
> then use the alias name in your rules.  The advantage here is that if an IP
> Address changes that you have multiple rules in place for, you can simply
> change the IP that the alias is pointing to...
> 
> 	You can't simply use DNS names and expect the same behavior...  I
> mean, in that case it might be possible that someone could poison your DNS
> and have your rules allowing things you don't intend.
> 
> Paul
> 
> -----Original Message-----
> From: Adam Sosnowski [mailto:Adam dot Sosnowski at fransmaas dot com dot pl] 
> Sent: Thursday, October 27, 2005 4:26 AM
> To: m0n0wall at lists dot m0n0 dot ch
> Subject: [m0n0wall] logical name against IP address
> 
> Hi,
> 
> I have one question regarding firewall part
> in monowall. Is it possible to set rules
> using the logical name as the source IP
> like "something.com" ?
> 
> The monowall do not accept that.
> It says the the source ip must be specify.
> 
> Many thanks in advance.
> 
> Best regards,
> Adam Sosnowski
> IT-Department Promexim LTD Warsaw Office
> Frans Maas Poland Group
> Ph.: +48 (22) 67 06 889 Fax : +48 (22) 67 06 802
> Mob.: +48 (0) 506 00 33 83
> adam dot sosnowski at fransmaas dot com dot pl  www.fransmaas.pl
> 
> 
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
> For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch
>