Hello,
Maybe the reverse dns is working on your test address?
I checked it and yes it does work that way. I never knew it did.
Indeed.
This feature makes sense because it allows to allow a full domain, say
"apache.org", any host of which the inverse dns resolves to the domain can
then be allowed.
But this also means that if the reverse dns is not controlled, say with
the dynamic dns and a moving ip, ip control does not work, hence my
proposal for a lesser version which just checks that a client ip is
allowed just by resolving a name.
--
Fabien.
