Hi, Quoting "Berk D. Demir" <[EMAIL PROTECTED]>:
> Re: Bryan Irvine > > ...But be careful. Resolving biz is done at parsing time. Your rules > won't be dynamic in addressing. > > e.g: > block out on $extIf from any to www.example.com port 80 > can be useless when the Example Inc. guys change their web server's > ip address. You've to reload therule set with pfctl again. In this case, if www.example.com has multiple IP adress (round-robin DNS configuration for a Web server), what is the comportement of pf_parser at reload of rules ? Will PF load a rule for each IP given by www.example.com DNS resolution ? Thx, Foxy. -- Laurent Cheylus <[EMAIL PROTECTED]> OpenPGP ID 0x5B766EC2
