What's the basic for compare source network names in firewall rules?

Question

I want, that specific FQDN hosts, can't pass the firewall. For that, I created a firewall rule with the action refuse (verwerfen). Under source networks I put several FQDNs, which I don't want to pass the firewall. These FQDNs are reverse DNS names, which I got via nslookup! 
 I'm not an network specialist and so I have maybe a stupid question. The FQDNs names I have specified in this firewall rule, will be that compared also with the reverse DNS name or is it any other FQDN name, which can be different from the reverse DNS name? 
 Thanks for your support, HGA

Prism · Answer

Hello! 
 HGA said: The FQDNs names I have specified in this firewall rule, will be that compared also with the reverse DNS name or is it any other FQDN name, which can be different from the reverse DNS name? 
 As far as I know, the Firewall doesn't use reverse DNS for this. 
 By default It will resolve the IPv4/6 address of the defined FQDN, then use that IP address to block through the Firewall. 
 If It's an wildcard FQDN, It will grab the A/AAAA record through DNS, and It works either way - if the client uses the Firewall as the DNS Server, or It will grab through the resolved DNS that the client resolved as long It's being resolved as plain-text. (Not using DoT or DoH.)

What's the basic for compare source network names in firewall rules?

Top Replies