Jared Mauch wrote on 1/28/14 10:11 PM:
> 192.168.0.1 has a rule that says send UDP/53 packets I process to 172.16.0.1.
> Since I'm "outside" its "NAT", the rule ends up taking the source IP, which
> isn't part of its "NAT" set, and ends up copying my "source" IP into the
> packet, then forwards it to the DNS server.

This is really broken. Do you have any idea as to why such a rule is implemented? I also heard that some CPE implement exactly the same logic if one spoofs the src IP inside their NAT. I think that the Spoofer project discards tests from the inside NAT, but maybe they track such cases?

Andrei