NATed peer & ports

Tobias Wimmer wimmer at flamewar.net
Thu Jan 20 22:29:10 CET 2005


Hi there,

I've got a question about the fact that the source port of an outbound
packet may not be altered by a masquerading firewall. Unfortunately the
example on the website does not explain why this has to be done. Forwarding
an inbound packet is often needed but WHY does the source port have to remain
unchanged? I'm not too good a coder so it's hard for me to reproduce what
happens. Is this something that is by design of tinc or could it be changed?

The reason I'm asking this question is that not changing the source port is
something that can be done easily with Linux or similar but for almost every
"home router" it's impossible. This makes tinc very hard to implement for
"home" use, which is really too bad... :-(

Anyway, thanks for taking the time to read through my email.



Tobias


