No-one should expect a response to such a packet w/ a source address from one of the public networks.

Playing 'devil's advocate' in the case of an ISP carrying the packet, a response will go out but might not reach the person who sent it. If you happen to have two companies let's say with the same ISP both using the same range of addresses (very possible) it would be a crap shoot as to which one your return packet would get to. If it got to the wrong one, it would be dropped by the end user's machine as there was no established connection with the end station.

I've had the same happen to me which is why I drop all those types of packets at the router's serial interface before it even gets to any firewalls.

Steve
----- Original Message -----
From: Bruce Stephens <[EMAIL PROTECTED]>
To: at Linux-Net <[EMAIL PROTECTED]>
Sent: Sunday, June 06, 1999 22:38
Subject: Illegal IP Addresses (II)
> Ok,
> so I get the point that these 192.168.x.x addresses according to -
>
> > From: "Steve Costaras" <[EMAIL PROTECTED]>
> > Here's verbatim from RFC 1918:
>
> are a little incorrect. But there is no way of tracing 'traceroute' these
> addresses. So how does anyone expect to get a response to a command from a
> 192.168.x.x address across the internet?
> Interestingly, even though the UDP message from 192.168.5.192 is stopped by
> the firewall (RULE is DENY) this system attempts to respond with an ICMP/3
> back to 192.168.5.192 (in this case) but is blocked by the fw-out rules
> (and logged)!!
> Neat huh.
>
> To date I have had 2740 hits - admittedly over a period of a few weeks.
>
> Regards,
> Bruce.
>
>
> -
> To unsubscribe from this list: send the line "unsubscribe linux-net" in
> the body of a message to [EMAIL PROTECTED]
>
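
The two effects discussed in this thread (packets with RFC 1918 source addresses arriving on the outside interface, and ICMP replies to those addresses blocked on the way out) can be tallied from firewall logs, as in this added example that is not part of the original messages. The log layout, the `ppp0` interface name and every sample line except the 192.168.5.192 address are constructed assumptions.

```python
import ipaddress
import re
from collections import Counter

# The three private blocks reserved by RFC 1918.
RFC1918 = [ipaddress.ip_network(n) for n in
           ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

# Constructed sample lines in an assumed layout:
# chain, action, interface, protocol, src:port, dst:port (ICMP: type/code).
SAMPLE_LOG = """\
Packet log: input DENY ppp0 PROTO=17 192.168.5.192:137 203.0.113.7:137 L=78
Packet log: input DENY ppp0 PROTO=17 198.51.100.20:53 203.0.113.7:1029 L=120
Packet log: fw-out DENY ppp0 PROTO=1 203.0.113.7:3 192.168.5.192:3 L=106
Packet log: input DENY ppp0 PROTO=6 172.20.1.9:1045 203.0.113.7:23 L=44
Packet log: input DENY ppp0 PROTO=6 172.32.1.9:1045 203.0.113.7:23 L=44
"""

LINE_RE = re.compile(
    r"Packet log: (?P<chain>\S+) (?P<action>\S+) (?P<iface>\S+) "
    r"PROTO=(?P<proto>\d+) (?P<src>[\d.]+):\d+ (?P<dst>[\d.]+):\d+")


def private_block(addr):
    """Return the RFC 1918 block containing addr, or None if it is public."""
    ip = ipaddress.ip_address(addr)
    for net in RFC1918:
        if ip in net:
            return str(net)
    return None


def summarize(log_text, external_iface="ppp0"):
    """Count private-source arrivals per block and blocked replies per target."""
    spoofed_in = Counter()   # inbound packets claiming a private source
    replies_out = Counter()  # outbound packets addressed to a private host
    for line in log_text.splitlines():
        m = LINE_RE.search(line)
        if not m or m["iface"] != external_iface:
            continue
        if m["chain"] == "input" and private_block(m["src"]):
            spoofed_in[private_block(m["src"])] += 1
        elif m["chain"] != "input" and private_block(m["dst"]):
            replies_out[m["dst"]] += 1
    return spoofed_in, replies_out


if __name__ == "__main__":
    print(summarize(SAMPLE_LOG))
```

Note that 172.32.1.9 is not counted: the 172.16.0.0/12 block ends at 172.31.255.255.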