F5 | 974569

Bug ID 974569: Stonewall service does not use system DNS cache while resolving names in exclusion list. ... Symptoms ... - F5 Stonewall service for Windows does not consider the state of the client DNS cache while resolving names in the exclusion list. - The Stonewall service always makes a DNS query on the wire to resolve exclusion hostnames. ... Impact ... - Other applications running on the machine perform DNS resolution via the Windows DNS Client service which may provide answers from the cache it maintains. ... Since F5 Stonewall service does not consider the state of the cache, it may maintain a different set of IP addresses as part of the DNS resolution. - In this case, traffic to the IP addresses from the DNS Client cache may be blocked. ... Conditions ... - Locked mode client has hostname exclusions. - DNS server responds with different IP address/addresses at times, for a given hostname from the exclusions. ... Fix Information ... Now, the default behavior of Stonewall has...