On Fri, May 25, 2001 at 10:03:04AM -0700, Jonathan Hilgeman wrote:
> Now, I'm assuming that Apache has full access to these incoming packets.
> Therefore, they must also have access to this invisible identifier. Is it
> possible to extract that identifier somehow by tinkering with Apache?
Most NAT implementations keep a hash of destination ports -> internal IP.
To wit:
> 1) Person behind the firewall sends out a request to a web server.
Person _really_ establishes an outgoing TCP session with his NAT
box. The NAT box notes his internal_IP:dest_port, sets up an
outgoing TCP session to web server, notes its own source port for
that leg.
> 4) The firewall receives the packets of data first, but now must send those
> data packets to someone inside the firewall.
Returning packets from the webserver come to that source port, NAT
box looks up hash of: external_IP:source_port -> internal_IP:dest_port,
and hands the packet in.
> 5) The packets of data MUST have some unique identifier to let the firewall
That would be the source port of the NAT box's outgoing connection.
But:
- each outgoing TCP connection from the internal host will use a
different source port.
- the request your web server is receiving may actually (likely)
be coming from a web cache somewhere.
>
> Jonathan
>
--
Brian 'you Bastard' Reichert <[EMAIL PROTECTED]>
37 Crystal Ave. #303 Daytime number: (603) 434-6842
Derry NH 03038-1713 USA Intel architecture: the left-hand path
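
Added example, not part of the original message: a simplified model of the port-translation table described in the reply above, showing that the web server only ever sees the NAT box's address plus a source port that changes per connection, so that port cannot serve as a stable client identifier. The class name, addresses and port numbers are constructed for illustration; real NAT implementations differ in how they key and expire entries.

```python
# Added illustration: a toy port-translating NAT table. All addresses,
# ports and names here are constructed for this example.
from itertools import count

class NatBox:
    def __init__(self, external_ip, first_port=40000):
        self.external_ip = external_ip
        self._next_port = count(first_port)
        self.out = {}   # (int_ip, int_port, dst_ip, dst_port) -> ext_port
        self.back = {}  # (ext_port, dst_ip, dst_port) -> (int_ip, int_port)

    def outbound(self, int_ip, int_port, dst_ip, dst_port):
        """Translate an outgoing connection; return what the server sees."""
        key = (int_ip, int_port, dst_ip, dst_port)
        if key not in self.out:
            ext_port = next(self._next_port)
            self.out[key] = ext_port
            self.back[(ext_port, dst_ip, dst_port)] = (int_ip, int_port)
        return (self.external_ip, self.out[key])

    def inbound(self, src_ip, src_port, ext_port):
        """Map a returning packet to the internal host, or None to drop it."""
        return self.back.get((ext_port, src_ip, src_port))

def demo():
    nat = NatBox("203.0.113.7")
    web = ("198.51.100.10", 80)
    # Same internal host, two connections (distinct ephemeral ports).
    a1 = nat.outbound("10.0.0.5", 51000, *web)
    a2 = nat.outbound("10.0.0.5", 51001, *web)
    # A different internal host behind the same NAT box.
    b1 = nat.outbound("10.0.0.9", 51000, *web)
    return {
        "server_sees": [a1, a2, b1],
        "reply_a2": nat.inbound(*web, a2[1]),
        "reply_b1": nat.inbound(*web, b1[1]),
        # No table entry exists for this port, so the packet is dropped.
        "unsolicited": nat.inbound(*web, 45555),
    }

if __name__ == "__main__":
    for name, value in demo().items():
        print(name, value)
```

From the server's side, the two connections from 10.0.0.5 are no more alike than the one from 10.0.0.9: all three share one source IP and differ only in a port the NAT box picked.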