Luck, Tony wrote:
> (...)
> The fact that someone can deduce how many hosts are hidden behind
> a NAT gateway may, or may not, be a bug ... depending on whether you
> think that the NAT is supposed to keep this number a secret. But there
> (...)
Sometimes it is desirable to hide the true number of hosts behind the
NAT. For example in home-made Linux NAT Gateways where few people share
the same internet connections even if ISP doesn't allow sharing
connection ;)
On Tue, Feb 11, 2003 at 08:49:59AM +0100, Leonard Milcin, Jr wrote:
> Luck, Tony wrote:
> > (...)
> > The fact that someone can deduce how many hosts are hidden behind
> > a NAT gateway may, or may not, be a bug ... depending on whether you
> > think that the NAT is supposed to keep this number a secret. But there
> > (...)
>
> Sometimes it is desirable to hide the true number of hosts behind the
> NAT. For example in home-made Linux NAT Gateways where few people share
> the same internet connections even if ISP doesn't allow sharing
> connection ;)
No doubt. But as I initially stated: I don't want to do this by
default. We will give the user a choice [by means of an IPID target in
the mangle table].
--
- Harald Welte <[email protected]> http://www.gnumonks.org/
============================================================================
"If this were a dictatorship, it'd be a heck of a lot easier, just so long
as I'm the dictator." -- George W. Bush Dec 18, 2000