Liong Kok Foo wrote: > What other iptables firewall you guys > are using for CentOS? I used APF because it is something easy to > configure and it was working fine years ago when I started using it.
Personally I wouldn't put a DNS server behind any stateful firewall at all. Validating DNS reply packets is a rather specialized task requiring deep protocol understanding, and is best carried out by the name server itself. A dumb (stateless) packet filter is what you really want. Bart _______________________________________________ Pdns-users mailing list [email protected] http://mailman.powerdns.com/mailman/listinfo/pdns-users
