Maybe I’m stupid but can we block direct ip access to stuff and only allow dns? (no idea how it would work but…) If this is possible it would be a pretty good defence against unwanted traffic, like torrent and other such stuff, on the public network. Just an idea that hit me. But it’s probably not doable, atleast not easily. Maybe one could compare dns cache. Because looking up every ip is not very efficient.
What do you say, am I just stupid? The more I think about it, it’s proably not that good idea but let’s put it out there and see what you think. 