There's a small bug in IP masquerading in 2.0.36. If you use tcpdump on your masquerading host and look on the local interface (that you're masquerading IPs FROM), and compare that to what you see on your masqueradED host:

On the masqueradING host:

    18:54:25.858070 masquerading_firewall.my.domain.61010 > host.on.Internet.telnet: S 3756088687:3756088687(0) win 512 <mss 1460> [tos 0x10]

On the TO BE masqueradED host:

    18:54:25.863903 masqueraded_client.internal.domain.20169 > host.on.Internet.telnet: S 3756088687:3756088687(0) win 512 <mss 1460> [tos 0x10]

you'll see that when connections get masqueraded, the information seen in promiscuous mode on the local interface gets masqueraded as well, when it shouldn't be. You see a different view of the network than reality. This kind of mucks with things like tcpdump host filtering, intrusion detection, your mind.

You ONLY see this when you look at packets for masqueraded connections, not for normal firewall->client traffic or normal LAN traffic.

Any thoughts?

-Jason
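
Added example, not part of the original post: the two captures above carry the same destination and initial sequence number (3756088687), so SYNs seen on the firewall's local interface can be paired with the client's own view to recover the real internal source. The function names and the second, constructed sample line in each list are assumptions for illustration.

```python
import re

# tcpdump text form: "<time> <src>.<sport> > <dst>.<dport>: <flags> <seq>:<end>(<len>) ..."
LINE_RE = re.compile(
    r"^(?P<ts>\d\d:\d\d:\d\d\.\d+)\s+"
    r"(?P<src>\S+)\.(?P<sport>[^.\s]+)\s+>\s+"
    r"(?P<dst>\S+)\.(?P<dport>[^.\s:]+):\s+"
    r"(?P<flags>\S+)\s+(?P<seq>\d+):\d+\(\d+\)"
)

def parse_syns(lines):
    """Return one dict per parsable line whose flags include SYN."""
    packets = []
    for line in lines:
        m = LINE_RE.match(line.strip())
        if m and "S" in m["flags"]:
            packets.append(m.groupdict())
    return packets

def correlate(firewall_view, client_view):
    """Pair SYNs on (dst, dport, seq), identical in both captures in the post,
    and report those whose source differs between the two vantage points."""
    by_key = {(p["dst"], p["dport"], p["seq"]): p for p in parse_syns(client_view)}
    rewritten = []
    for shown in parse_syns(firewall_view):
        real = by_key.get((shown["dst"], shown["dport"], shown["seq"]))
        if real and (real["src"], real["sport"]) != (shown["src"], shown["sport"]):
            rewritten.append({
                "seq": shown["seq"],
                "shown_src": f'{shown["src"]}.{shown["sport"]}',
                "real_src": f'{real["src"]}.{real["sport"]}',
            })
    return rewritten

# First line of each list is from the post; the second is constructed
# (ordinary client->firewall traffic, same source in both views).
FIREWALL_VIEW = [
    "18:54:25.858070 masquerading_firewall.my.domain.61010 > host.on.Internet.telnet: S 3756088687:3756088687(0) win 512 <mss 1460> [tos 0x10]",
    "18:55:02.120400 masqueraded_client.internal.domain.1031 > masquerading_firewall.my.domain.telnet: S 41000:41000(0) win 512 <mss 1460>",
]
CLIENT_VIEW = [
    "18:54:25.863903 masqueraded_client.internal.domain.20169 > host.on.Internet.telnet: S 3756088687:3756088687(0) win 512 <mss 1460> [tos 0x10]",
    "18:55:02.120000 masqueraded_client.internal.domain.1031 > masquerading_firewall.my.domain.telnet: S 41000:41000(0) win 512 <mss 1460>",
]

if __name__ == "__main__":
    for hit in correlate(FIREWALL_VIEW, CLIENT_VIEW):
        print(f'seq {hit["seq"]}: capture shows {hit["shown_src"]}, real source {hit["real_src"]}')
```

Host filters and IDS rules keyed on the internal client's address would miss the first flow in the firewall-side capture; the pairing shows which entries need to be re-attributed.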
