> But the NAT makes the IPChains in Linux statefull, since it knows how
> to handle fragmentation, window and syn/ack tracking.
yup, it does feel like a kludge though to add a state machine by adding
a masquerading (many2one NAT) stage 8-/
--
MfG/best regards, helmut springer
[EMAIL PROTECTED]
"Freedom's just another word for nothing left to lose"
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
- linux Masq == stateful filtering ? ( NEWBIE ) Luca D'Andrea
- Re: linux Masq == stateful filtering ? ( NEWBIE... Frederick M Avolio
- Re: linux Masq == stateful filtering ? ( NE... Frederick M Avolio
- Re: linux Masq == stateful filtering ? ... Bernd Eckenfels
- Re: linux Masq == stateful filtering ?... Helmut Springer
- Re: linux Masq == stateful filter... Aaron C. Springer
- Re: linux Masq == stateful fi... Ron DuFresne
- Re: linux Masq == statefu... Aaron C. Springer
- Re: linux Masq == statefu... Paul D. Robertson
- Re: linux Masq == stateful fi... Jason Axley
- Re: linux Masq == statefu... Aaron C. Springer
- No Subject Bernd Eckenfels
