I guess it might not be considered secure anyway but I've got a couple rules to allow outbound access to a couple internet hosts (some external xmlrpc stuff one of our apps uses) but it seems that the firewall isn't always able to reliably resolve the names during startup. It makes sense that the firewall shouldn't allow any inbound/outbound access from the LAN/OPT interfaces until all the rules are in place but outbound originating from the firewall itself?
I should also mention that these hostnames are part of a single Alias created to contain them all. Also it sounds like the job for a proxy but since my entire network has to be redundant that would require more than one machine and from what I understand that type of proxy isn't available in pfsense.
