Re: Outgoing firewall and CNAMES
On 12/09/12 17:59, Lists wrote:
> I use an outgoing policy of deny on webservers, and allow explicitely
> what I need them to connect to. This has never posed a problem, until
> today. I need to allow a website to pull in a feed from another site,
> hosted on amazon's elastic cloud thingy. The problem is, the DNS name
> is a CNAME to a CNAME to a CNAME, like:
>
> How do you guys deal with this kind of problem?
Generally, I've seen this solved using a whitelisting proxy on another
machine, rather than by using iptables.
Reply to: