Ben,
This seems to happen to *BSD (at least FreeBSD) too.
Remember my dual firewall problem (that I ended up with a map on
firewall's internal interface)? When I try to ping an outside ip from an
internal host (which is a FreeBSD box) I got echo-replies from the
firewall's internal ip! I thought I'm not knowledgeable enough to judge
if this is a problem so I didn't report it.
Cheers,
Dennis
PS. There are more subtle things to my dual firewall setup I wonder if
anyone has interest to hear.
Ben Nagy wrote:
>
> G'day,
>
> I was just testing some strange NAT stuff, and I noticed that both Windows
> NT4 and Linux (2.2.14) don't seem to care about source IP addresses for ICMP
> echo-replies.
>
> For example, sitting on the outside, I would ping an inside host, and the
> reply would come back from the outside IP address of the router. Ping,
> however, didn't care and reported 0% packet loss.
>
> Has anyone else noticed this? Is it just me, or is that a bizarre
> implementation choice? It certainly gave me the absolute "what the (*^(&???"
> heebie-jeebies.
>
> Cheers,
>
> --
> Ben Nagy
> Network Security Specialist
> Marconi Services Australia Pty Ltd
> Mb: +61 414 411 520 PGP Key ID: 0x1A86E304
> -
> [To unsubscribe, send mail to [EMAIL PROTECTED] with
> "unsubscribe firewalls" in the body of the message.]
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
