said by claibourne:Very clean, merry Christmas and I'm defenetly showing my age and mind said by RolteC:
Thanks rtcy, I actually already use OpenDNS. Unfortunately, people are setting their own DNS servers.
There's a quick and spiffy way to prevent them from doing exactly that. Just set up a couple rules in the "Advanced Filtering" section of the Firewall setup. First rule allows all traffic to the OpenDNS servers; the second rule blocks all DNS requests from any internal source IP, to any external destination IP. I've been doing this for two years on F, G, and I Actiontecs and haven't seen any pitfalls, performance or otherwise.