Query Refused

Cricket Liu cricket at acmebw.com
Mon Jun 14 21:40:37 UTC 1999


> Sorry, in IOS  (Cisco routers), you can do this with CBAC (Context Based
> Access Control). And, our other firewall (PIX) allows incoming packets
> if they are in response to a request.

Right, and it's also possible with FireWall-1's stateful multilayer
inspection.  I just didn't want hordes of people to add rules to their
router to cut off inbound packets to port 53.

cricket

Acme Byte & Wire
cricket at acmebw.com
www.acmebw.com

Attend our next DNS and BIND class!  See
www.acmebw.com/training.htm for the
schedule and to register for upcoming
classes.



More information about the bind-users mailing list