On Thu, Jul 24, 2008 at 6:29 PM, apiasecki at midatlanticbb dot com
<apiasecki at midatlanticbb dot com> wrote:
> Read the pfSenses lists, A LOT of discussion has been going on about this.
>

Not all relevant to m0n0wall.

The dnsmasq fix is a good thing to have, but now that the details are
out on this it's safe to say this is not directly relevant to this
specific issue since dnsmasq doesn't issue recursive queries.

I believe ipfilter will randomize source ports by default on NATed
traffic just like pf does, but I'm not sure of that. None of my
m0n0walls have a DNS server behind them that does recursion itself so
I haven't checked, and don't have one at hand to try.

-Chris