On Sat, Jan 22, 2011 at 11:19 PM, Niall Litchfield <niall.litchfield@xxxxxxxxx> wrote: > Thanks Yong, I did ask about *.oracle.com. I was told (and it appears > correct) that that isn't feasible on a Cisco firewall. Ios only does IP > addresses. IP addresses can change. (I tried to allow Google Analytics and block all other HTTP traffic with a Linux iptables firewall. I ended up allowing all dst port 80 and 443. I wish to say that is very complicated when you don't know the Oracle setup) -- //www.freelists.org/webpage/oracle-l