Name resolution in firewall rules
I'm actually looking at pfSense to build a redundant firewall for my corporation.
But I have one big problem : the webGUI doesn't let me put names instead of IP adresses in the aliases or in the rules.
Meaningwhile, I know packet filter can handle name resolution in rules.
Does anymody have a solution ?
Sorry but there is no way to do this and its generally a bad idea. But I will not go into best practices and leave it at the technical capabilities of the webConfigurator which prevent this behavior.
I could only see this useful in a home environment with dhcpd and dynamic addresses. Instead of assigning the mac addresses static ips you could just plug in the hostname. Setting the individual machine such as a laptop to a static ip would be a hassle when moving from locations with it.
Regardless I agree with sullrich on this. However I could see a reverse lookup display of the hostname useful as I tend to put the hostname of the machine in the description to jog my memory.
I guess this would be for blocking myspace or something. The only problem is they have ~7 ip addresses.
Keep people honest at work huh … ::)