From mboxrd@z Thu Jan 1 00:00:00 1970 From: Peter =?utf-8?q?M=C3=BCller?= To: development@lists.ipfire.org Subject: Re: Forward default "DROP" is not applied to ORANGE traffic?! Date: Sun, 06 Jan 2019 11:41:57 +0100 Message-ID: In-Reply-To: <0C6639EE-04B7-4C93-8AE3-E6042E8D20A5@ipfire.org> MIME-Version: 1.0 Content-Type: multipart/mixed; boundary="===============5507711687819620070==" List-Id: --===============5507711687819620070== Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: 8bit Hello Michael, thanks for your reply. Sorry for the confusion. The current behaviour is unintentional in my point of view: If default policy is set to DROP, connections from GREEN and BLUE to RED are forbidden by default, but not from ORANGE to RED. As far as I know, this is not even documented. Thereof, I suggest to change behaviour to DROP, too. @All: Opinions? Thanks, and best regards, Peter Müller -- Microsoft DNS service terminates abnormally when it recieves a response to a DNS query that was never made. Fix Information: Run your DNS service on a different platform. -- bugtraq --===============5507711687819620070==--