On Sunday 11 January 2004 12:00 pm, HEMANT BAANDAL wrote:
> Hey guys,
>
> Is there anyway i can detect proxied ips' behind my
> nat box. I am using iptables-1.2.7a-2, i need to
> detect natted or proxied ips passing through my linux
> box. Can anyone help me with this.
Proxied IPs may be detectable by looking at the OSI layer 7 content of the
packets (ie: not using netfilter), to see whether the proxies give themselves
away by some sort of header (eg: http proxies commonly insert a header from
which you can tell it's not a direct connection).
NATted IPs can (I believe) be detected by analysis of the source ports and/or
sequence numbers. Try a google search for something like "nat detect
sequence source port"?
Why do you want to do this? There may a better solution to your problem than
the specific question you have asked?
Antony.
--
If you want to be happy for an hour, get drunk.
If you want to be happy for a year, get married.
If you want to be happy for a lifetime, get a garden.
Please reply to the list;
please don't CC me.
