Re: [DNSOP] DNSOP Digest, Vol 132, Issue 53

hi Bortzmeyer, there are still some issues with >Any 50 US $ OpenWRT router can do it (iptables accepts domain names). >% sudo iptables -A OUTPUT -d www.example.com -j DROP >% sudo iptables -n -v -L OUTPUT >Chain OUTPUT (policy ACCEPT 184 packets, 22306 bytes) > pkts bytes target prot opt

Re: [DNSOP] DNSOP Digest, Vol 132, Issue 53

On Tue, Dec 19, 2017 at 02:58:57PM +0500, Tariq Saraj wrote a message of 1158 lines which said: > using a firewall based on domain names can be simply bypassed by > accessing websites through IP address. No, no, this is absolutely not what I was talking about. Instead,

Re: [DNSOP] DNSOP Digest, Vol 132, Issue 53

>The only use case you describe (firewall configuration) is >questionable. This is just a single use case, there can be a number of implementations for IPv4 to IPv6 and vice versa resolution. As I have faced the problem during development of writing automation service, thus i discuss this use case