[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Outgoing firewall and CNAMES



On 12/09/12 17:59, Lists wrote:
> I use an outgoing policy of deny on webservers, and allow explicitely
> what I need them to connect to.  This has never posed a problem, until
> today.  I need to allow a website to pull in a feed from another site,
> hosted on amazon's elastic cloud thingy.  The problem is, the DNS name
> is a CNAME to a CNAME to a CNAME, like:
> 
> How do you guys deal with this kind of problem?

Generally, I've seen this solved using a whitelisting proxy on another
machine, rather than by using iptables.


Reply to: