Firewall DNS reverse-forward lookup

admjcd admjcd at
Thu Jan 1 15:51:19 UTC 2004

Hello all,

  We are having an issue with our Raptor firewall dropping packets because a reverse-forward lookup fails. Here is the log and a link to why Raptor logs it:

  " reverse address doesn't match -- denied"

  My questions are: Is this a valid security check (reverse-forward)? Is there a problem with's DNS setup? Is Raptor's rule to just drop these connections valid? How would such a rule handle round-robin, where a forward lookup can return a different IP? Or a number of IPs? Do any of you have any experience with this? TIA, and Happy New Year!!!
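
The reverse-forward check asked about above, as an added example that is not part of the original post and is not Raptor's code: the address passes if any of its PTR names resolves forward to a set of addresses that contains it, so a round-robin name passes for each of its members. The host names, addresses and the `demo` helper are constructed for illustration.

```python
import ipaddress
import socket

def system_ptr(ip):
    """PTR names for ip from the system resolver (empty list if none)."""
    try:
        name, aliases, _ = socket.gethostbyaddr(ip)
    except (socket.herror, socket.gaierror):
        return []
    return [name, *aliases]

def system_forward(name):
    """Every A/AAAA address the system resolver returns for name."""
    try:
        return [info[4][0] for info in socket.getaddrinfo(name, None)]
    except socket.gaierror:
        return []

def reverse_forward_check(ip, ptr_lookup=system_ptr, forward_lookup=system_forward):
    """Return (ok, detail). ok is True when some PTR name of ip resolves
    forward to an address set that contains ip."""
    client = ipaddress.ip_address(ip)
    names = ptr_lookup(ip)
    if not names:
        return False, "no PTR record"
    for name in names:
        for addr in forward_lookup(name):
            try:
                if ipaddress.ip_address(addr) == client:
                    return True, name
            except ValueError:
                continue  # e.g. scoped IPv6 text; not comparable, skip it
    return False, "forward lookup of %s does not include %s" % (names, ip)

# Constructed zone data (documentation address ranges), so this runs offline.
PTR = {"192.0.2.10": ["www.example.test"], "192.0.2.11": ["www.example.test"],
       "192.0.2.20": ["mail.example.test"]}
A = {"www.example.test": ["192.0.2.10", "192.0.2.11", "192.0.2.12"],  # round-robin
     "mail.example.test": ["192.0.2.99"]}                            # stale A record

def demo(ip):
    """Run the check against the constructed tables instead of live DNS."""
    return reverse_forward_check(ip, lambda i: PTR.get(i, []), lambda n: A.get(n, []))

if __name__ == "__main__":
    for ip in ("192.0.2.11", "192.0.2.20", "198.51.100.7"):
        print(ip, demo(ip))
```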


More information about the bind-users mailing list