At 07:13 AM 2/12/03 -0800, Tom Eastep wrote:
Sean E. Covel wrote:
BTW, I did send Eyeball Chat a help request
[...]
I just read their Magic Bullet paper and I think that it works with Dachstein because on Dachstein (as with Seawall), the "Masquerade Port Range" is left open by the firewall. This allows incoming SYN packets to sail right through the firewall AND will even route it to the correct internal system. It is a cute trick except that it is based on being able to exploit the primitive capabilities of ipchains.

Tom -- Can you expand on this just a little bit more? (Or Lynn, can you?) This conclusion is kind of where I got to last night, but only for TCP. What is the equivalent of "SYN packet" detection for UDP? Or, to put it another way, how does iptables (or Shorewall) determine the state associated with a UDP packet? I can't figure it out from the iptables docs I have.

And Sean ... if you are really willing to put in the work needed to pin this down for sure, I think you're going to need to run a packet sniffer on the router's external interface. This will let you sort out both the state issue that Tom, Lynn, and I have all raised (though our terminology has varied) and the "then a miracle happens" elements of their slightly obscure explanation of how their trick works (how does the client figure out what port the p2p connection has been MASQ'd to and communicate it to the EyeBall server? is the one that has me stumped).
--
-------------------------------------------"Never tell me the odds!"--------
Ray Olszewski -- Han Solo
Palo Alto, California, USA [EMAIL PROTECTED]
-------------------------------------------------------------------------------
leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
