On Fri, Jun 08, 2007 at 04:12:58PM -0300, Henrique Cesar Ulbrich wrote: > With NAT, even if you circumvent the firewall your internal addresses are > still unreachable. If you have a valid /24 network, bypassing the firewall > leaves your entire network on the wild.
You have to realise that all you're doing here is using a curious definition of "circumvent" and "bypass" to mean two different things. The methods used to penetrate a firewall are the same regardless of whether or not it performs NAT, and so are the effects. Even if a method existed to defeat the filtering part without defeating the NAT part, nobody would bother using it (and I'm not aware of any such method existing). ------------------------------------------------------------------------- This SF.net email is sponsored by DB2 Express Download DB2 Express C - the FREE version of DB2 express and take control of your XML. No limits. Just data. Click to get it now. http://sourceforge.net/powerbar/db2/ _______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
