Dear Ken, With thanks.. As I know.. these denies are because of the TC flag which is set in UDP response. The TC flag is set to say the request should be sent on tcp port (for long names), So if these packet deny, how DNS will work properly for that types of name resolution?
With Thanks --Fatemeh T. __________________________________________________ Do You Yahoo!? Yahoo! GeoCities - quick and easy web site hosting, just $8.95/month. http://geocities.yahoo.com/ps/info1 _______________________________________________ Firewalls mailing list [EMAIL PROTECTED] http://lists.gnac.net/mailman/listinfo/firewalls
