diff options
Diffstat (limited to 'netsec-assignment4-S4498062/exercise4/exercise4a')
| -rw-r--r-- | netsec-assignment4-S4498062/exercise4/exercise4a | 7 |
1 files changed, 7 insertions, 0 deletions
diff --git a/netsec-assignment4-S4498062/exercise4/exercise4a b/netsec-assignment4-S4498062/exercise4/exercise4a new file mode 100644 index 0000000..5646f65 --- /dev/null +++ b/netsec-assignment4-S4498062/exercise4/exercise4a @@ -0,0 +1,7 @@ +This is in REQ-4. Error messages should only be in an existing session +(otherwise we can send error messages `gratuitiously', like in gratuitious ARP, +and thus influence a NAT from outside). So, we SHOULD drop these packets. + +If such an error message does belong to an existing session, NAT should simply +translate the address and forward the message to the internal host, so that it +receives the message correctly. |