hi, while the docs recommend against using dns names the ability is there with 1.3.9 and later, if i'm not mistaken.
http://www.shorewall.net/configuration_file_basics.htm#dnsnames i'd say if it works for you use it, at least try it on a test box if possible. brett --- Homer Parker <[EMAIL PROTECTED]> wrote: > On Thu, 30 Jan 2003 11:23:48 -0500 "Brad Fritz" > <[EMAIL PROTECTED]> > wrote.... > > > > > Homer, > > > > Jumping in kinda late here...apologies if I am > missing the boat... > > > > On Thu, 30 Jan 2003 09:29:21 CST Homer Parker > wrote: > > > > > On Thu, 30 Jan 2003 11:09:24 +0100 Erich Titl > <[EMAIL PROTECTED]> > > > wrote.... > > > > > > > > Ok... I guess I missed the point > that the boxes don't have > > > > > net > > > > > > > > > > access.. > > > > >There are 7 systems behind the Bering box, > and only 2 have net > > > > >access... > > > > > > > > LiveUpdate without net access. It's kind of > contradictive. > > > > > > > > > > They are blocked at the firewall at the > managements request... > > > But, > > > they want to keep the virus defs on those > machines current, so I'm > > > trying to find a way to handle that... > > > > One way to do that would be to put those machines > in their own > > zone, assign a reject policy from that zone to the > net zone, and > > then add a rule to allow traffic to just the > LiveUpdate port(s) > > on the LiveUpdate servers. > > > > The proble is, the LiveUpdate servers use > akamai.net, and resolve to > multiple IP's.. I guess I could just allow one of > them, put a hosts file > on each machine, and allow just a single server that > way... Till they move > the server... Was hoping for a more permanent type > solution... > > --- > Homer Parker /"\ ASCII Ribbon > Campaign > \ / No HTML/RTF in > email > http://www.homershut.net x No Word docs in > email > telnet://bbs.homershut.net / \ Respect for open > standards > > This e-mail message is 100% Microsoft free! > > WARNING: THIS ACCOUNT BELONGS TO A RABID > ANTI-SPAMMER NET-NAZI DOT-COMMUNIST!! > > > ATTACHMENT part 2 application/pgp-signature __________________________________________________ Do you Yahoo!? Yahoo! Mail Plus - Powerful. Affordable. Sign up now. http://mailplus.yahoo.com ------------------------------------------------------- This SF.NET email is sponsored by: SourceForge Enterprise Edition + IBM + LinuxWorld = Something 2 See! http://www.vasoftware.com ------------------------------------------------------------------------ leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
