On Tuesday 17 February 2004 8:33 pm, Ben Goedeke wrote:
> Ok, thanks Antony.
>
> It's been bugging me for a few days now cause I just couldn't imagine
> the software being "intelligent" enough to make this so easy.
netfilter remembers the packets which it translates on the way out (source +
destination IP address, source + destination port (if TCP or UDP)), and looks
for packets coming back which match the other way round (source vs.
destination).
When it sees such matching packets, it knows they must be replies to
previously translated ones, so it automagically applies the reverse
translation on the way back in. Any packets which don't match ones
previously sent, don't get automagically translated.
Antony.
--
How I want a drink, alcoholic of course, after the heavy chapters involving
quantum mechanics.
- 3.14159265358979
Please reply to the list;
please don't CC me.
