Hostname-based filtering?

Jonathan Belson jon at
Thu Jul 15 09:52:37 BST 2004


> This is impossible at the IP, TCP, UDP layers.  It is possible at the
> application layer (read HTTP or SMTP or whatever), but only if the
> application layer supports it.

It works quite well for something that's impossible :-)

I don't know that much about Borderware kit, but I know that the server I'm
accessing is connected to one of the auxiliary ports of the Borderware
firewall.  The BW box has been configured to pass certain traffic [1] to
the auxiliary server when I use a particular hostname.  The forwarding
doesn't occur when I try to access the machine by IP, or via an alias.

[1] In this case it's traffic to and from our source code repository, but
it seems you can do the same trick for any port.



More information about the Ukfreebsd mailing list