On 10/19/2015 8:26 PM, Karl O. Pinc wrote:
But if you write DNS names into your pf.conf file then step 2 can be eliminated. All that's required is to reload the rules.
How often do you re-query DNS to update and reload the rules? What do you do in the case of multiple A records, or a CDN? If DNS or your registrar is compromised, how do you prevent an attacker from mapping your network (or worse)?
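One way to make those questions concrete, as an added example that is not part of the thread: a small Python audit that re-resolves the names a pf table was built from and flags names whose A-record set has changed since the last load (a reload is due), names that return several A records (CDN-style), and answers that fall outside operator-pinned networks (the case where DNS itself is not trusted). The table names, addresses, pinned prefixes and resolver answers are all constructed for the example; a real run would use socket.getaddrinfo and feed the result to pfctl.

```python
import ipaddress

# Constructed sample: names used in a pf table and the addresses each one
# resolved to when the ruleset was last loaded.
LAST_LOADED = {
    "mirror.example.net": {"192.0.2.10"},
    "cdn.example.com": {"198.51.100.5", "198.51.100.6"},
}

# Assumption: the operator pins the networks each name is allowed to resolve
# into, so a DNS answer outside them is reported instead of silently loaded.
PINNED = {
    "mirror.example.net": ["192.0.2.0/24"],
    "cdn.example.com": ["198.51.100.0/24"],
}


def resolve_table(names, resolver):
    """Resolve every name to its full A-record set; CDNs often return several."""
    return {name: set(resolver(name)) for name in names}


def audit(current, last_loaded, pinned):
    """Compare fresh answers with the loaded ones and with the pinned ranges."""
    report = {"reload": [], "multi": [], "suspect": []}
    for name, addrs in current.items():
        if addrs != last_loaded.get(name, set()):
            report["reload"].append(name)          # rules are stale
        if len(addrs) > 1:
            report["multi"].append(name)           # one name, many hosts
        nets = [ipaddress.ip_network(n) for n in pinned.get(name, [])]
        for addr in sorted(addrs):
            if nets and not any(ipaddress.ip_address(addr) in n for n in nets):
                report["suspect"].append((name, addr))  # outside pinned range
    return report


def fake_resolver(name):
    """Constructed answers standing in for a live DNS lookup."""
    answers = {
        "mirror.example.net": ["192.0.2.10"],
        # a rotated CDN node plus one answer outside the pinned network
        "cdn.example.com": ["198.51.100.7", "198.51.100.6", "203.0.113.9"],
    }
    return answers[name]


if __name__ == "__main__":
    current = resolve_table(LAST_LOADED, fake_resolver)
    print(audit(current, LAST_LOADED, PINNED))
```

A non-empty "suspect" list is the signal to hold the reload and investigate rather than apply the table.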