On Fri, Jan 07, 2000 at 09:38:55AM -0500, Frederick M Avolio wrote:
> Apologies. I screwed up. As Sam James <[EMAIL PROTECTED]>
> graciously pointed out to me in personal e-mail, IP Masq is not a filtering
> mechanism per se, of course. It is NAT. I wish I had a clever excuse... I
> dropped the ball and replied without thinking. It probably isn't a
> permanent problem. :-) Who knows...
But the NAT makes the IPChains in Linux statefull, since it knows how to
handle fragmentation, window and syn/ack tracking.
Greetings
Bernd
--
(OO) -- [EMAIL PROTECTED] --
( .. ) ecki@{inka.de,linux.de,debian.org} http://home.pages.de/~eckes/
o--o *plush* 2048/93600EFD eckes@irc +497257930613 BE5-RIPE
(O____O) When cryptography is outlawed, bayl bhgynjf jvyy unir cevinpl!
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
