Rudolph Pereira wrote:
On Thu, Oct 05, 2006 at 10:40:39PM +1000, Darren Reed wrote:
IPFilter is currently set to run before the default route is established
for security reasons.
Thanks for clarifying that.
While I understand your problem here, I believe that changing the
order of the ipfilter init script being executed isn't necessarily the
best way to do it.
I'd be interested in other solutions, as I can't think of any (other
than, for example, not using DNS in ipf.conf)
The current ipfilter init script is meant to analyse /etc/resolve.conf
and automatically allow
DNS traffic, according to the set configuration. Where does the init
script go wrong in
allowing access in that manner?
Darren
