On Fri, Sep 16, 2016 at 09:09:44AM -0400, Ted Unangst wrote:
> Dimitris Papastamos wrote:
> > Hi everyone,
> >
> > I've put together a patch for 6.0-stable that adds domain name
> > matching support to rebound(8). The patch is quite rough at the
> > moment.
> >
> > The config is as follows:
> >
> > match "local." 10.0.0.53
> > match "." 8.8.8.8
>
> So this is taking rebound in a rather different direction than planned. It's
> not supposed to do anything complicated. Also, the plan is to remove its
> config file entirely.
>
> But I think I know why you want this. I have this pf.conf rule on my firewall.
>
> pass in on cnmac1 proto { udp , tcp } from any to any port 53 rdr-to 10.1.1.1
> port 53
Yes that works for me then.
By the way, what do you think about TCP caching support? I could send
a patch to do just that.
