I had an idea to update a table for a VPN table using something to the effect of:

pfctl -t table -T replace `host -l domain.name | grep -v "^_" | grep "has address" | \
awk '{print $4}' | sort | uniq | tr '\n' ' '`

for dynamic updates from a Windows DNS server. So I start with 10.0.0.0/8 and I narrow it down to less than 50 IP addresses. (don't comment on the range, I inherited it). I am actually wondering whether this is at all a good idea, and what a reasonable frequency would be (it takes practically no time to run).

My thoughts are that a. anyone on the network should be in the database, and b. if they are not registered then they should probably not be allowed unfettered access to the other side of the link.

Any thoughts?

David

--
David de Gruyl <[EMAIL PROTECTED]>
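As an added example (not the poster's script), here is one way to wrap the same idea so that a failed or refused zone transfer cannot silently empty the table: the host -l output is parsed with awk instead of a grep chain, only dotted-quad A records inside the inherited 10/8 range are kept, and pfctl -T replace is skipped when fewer than MIN_HOSTS addresses were parsed. The table name vpn_hosts, the zone example.internal and the sample zone text are constructed placeholders; PFCTL can be pointed at echo for a dry run.

```shell
#!/bin/sh
# Added example, not the original poster's command. Assumes the host(1)
# zone-listing output format "name has address A.B.C.D".

TABLE=${TABLE:-vpn_hosts}   # placeholder pf table name
MIN_HOSTS=${MIN_HOSTS:-1}   # refuse to replace the table with fewer entries
PFCTL=${PFCTL:-pfctl}       # set PFCTL=echo for a dry run

# Constructed sample of `host -l example.internal` output for offline use.
SAMPLE_ZONE='example.internal name server dc01.example.internal.
_ldap._tcp.example.internal has SRV record 0 100 389 dc01.example.internal.
dc01.example.internal has address 10.1.2.3
dc01.example.internal has address 10.1.2.3
laptop7.example.internal has address 10.44.0.9
laptop7.example.internal has IPv6 address fd00::9
rogue.example.internal has address 192.168.77.5
printer1.example.internal has address 10.2.0.250'

# extract_addrs: read host -l output on stdin; print each unique A record
# whose owner is not a service (_xxx) record, is a valid dotted quad and
# lies in 10.0.0.0/8. IPv6 records and out-of-range addresses are dropped.
extract_addrs() {
    awk '
        $1 !~ /^_/ && $2 == "has" && $3 == "address" &&
        $4 ~ /^10\.[0-9]+\.[0-9]+\.[0-9]+$/ {
            split($4, o, ".")
            if (o[2]+0 <= 255 && o[3]+0 <= 255 && o[4]+0 <= 255) print $4
        }' | LC_ALL=C sort -u
}

# refresh_table: build the address list from stdin and replace the table in
# one pfctl call. Returns 1 and leaves the table untouched when too few
# addresses were parsed (an empty list is what a refused AXFR looks like).
refresh_table() {
    addrs=$(extract_addrs)
    count=$(printf '%s\n' "$addrs" | awk 'NF { n++ } END { print n+0 }')
    if [ "$count" -lt "$MIN_HOSTS" ]; then
        echo "refresh_table: only $count addresses parsed, $TABLE unchanged" >&2
        return 1
    fi
    # word splitting of $addrs into separate arguments is intended here
    $PFCTL -t "$TABLE" -T replace $addrs
}

# Live use: ZONE=example.internal MIN_HOSTS=5 sh vpn_table.sh
if [ -n "${ZONE:-}" ]; then
    host -l "$ZONE" | refresh_table
fi
```

Running it from cron every few minutes is cheap; the MIN_HOSTS floor is what turns a broken transfer into a logged no-op rather than a table wipe, and the 10/8 filter keeps a stray record from admitting an address outside the range the rule set expects.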


