Jonathan Hilgeman wrote:
> Now, I'm assuming that Apache has full access to these incoming packets.
> Therefore, they must also have access to this invisible identifier. Is it
> possible to extract that identifier somehow by tinkering with Apache?
The only thing that you can access from the webserver side is the
REMOTE_ADDR and REMOTE_PORT. IP masquarding is handled only by the
firewall that is doing the masquarding: the web server and browser have
no idea that this is happening. The firewall has a table that keeps
track of open TCP connections, so that when it receives data on the
outside port (e.g. 61172) it knows to rewrite the packet and send it off
back to the inside client (e.g. 192.168.1.42:49372) that created the
initial TCP connection.
This is one of primary reasons that cookies exist.
--
Regards,
Wim Kerkhoff, Software Engineer
Merilus, Inc. -|- http://www.merilus.com
Email: [EMAIL PROTECTED]
