Yes, now it seems OK. Natd aliases ip_src as well as the host inside ICMP
packet. Thanks.
Bohus
On Wed, Jul 18, 2001 at 03:41:38PM +0300, Ruslan Ermilov wrote:
> On Fri, Jul 13, 2001 at 04:48:03PM +0300, Ruslan Ermilov wrote:
> > On Fri, Jul 13, 2001 at 04:18:05PM +0300, Ari Suutari wrote:
> > > > >
> > > > > Doesn't sound good that IP header with private IP address
> > > > > gets sent to internet. - after all, the 195.168.3.210 host on internet
> > > knows
> > > > > nothing about 10.10.1.2...
> > > > >
> > > > We have discussed this before with Brian and Charles, and have come
> > > > up to an agreement that FIREWALL should block these packets, not NAT.
> > > >
> > >
> > > There must be something I don't understand now ? How is the host
> > > on the internet now going to know that smaller MTU is required when
> > > it sends packets to host inside nat'ed network ?
> > >
> > Give me a few days guys, OK? I will come up with a solution.
> >
> OK, as was promised... Please try the attached patch.
> You'll have to recompile/install both libalias and natd.
>
>
> Cheers,
> --
> Ruslan Ermilov Oracle Developer/DBA,
> [EMAIL PROTECTED] Sunbay Software AG,
> [EMAIL PROTECTED] FreeBSD committer,
> +380.652.512.251 Simferopol, Ukraine
>
> http://www.FreeBSD.org The Power To Serve
> http://www.oracle.com Enabling The Information Age
To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-net" in the body of the message
