Hi, I saw new recommendation about NAT behaviour have been (or are about to be) released : http://tools.ietf.org/html/draft-ietf-behave-tcp http://tools.ietf.org/html/rfc4787 I made a rapid test that seems to show that actual version of netfilter/iptables with a basic SNAT or MASQUERADE rule like this : iptables -t nat -A POSTROUTING -o ppp0 -j MASQUERADE implement a "Address and port dependant filering behaviour" (for UDP). (recommendation is Endpoint independent or Address dependent filtering) Is it possible (how ?) to have a "Endpoint independent" for example ? If not, is the netfilter developpement team generaly tending to try to be compliant with IETF recommendations ? Best Regards, Jean ___________________________________________________________________________ Découvrez une nouvelle façon d'obtenir des réponses à toutes vos questions ! Profitez des connaissances, des opinions et des expériences des internautes sur Yahoo! Questions/Réponses http://fr.answers.yahoo.com
