[Techtalk] Good firewall configuration tool for debian
Devdas Bhagat
devdas at dvb.homelinux.org
Sat Apr 10 03:56:22 EST 2004
On 09/04/04 17:10 -0400, Travis Casey wrote:
<snip>
> Static NAT only breaks applications where (a) the protocol requires one or
> both sides to know their own addresses and send them and (b) the
> application designers did not supply a way to tell the application that you
> want to "advertise" a different address than the one the application
> automatically learns. (In my experience, Microsoft seems to like to do
> this...)
>
> (IMHO, such protocols are broken; why require clients to supply their own
> addresses, when the address of the "other end" of the connection is easily
> learned through standard calls?)
IPSec with AH.
Devdas Bhagat
More information about the Techtalk
mailing list