From eb0a29adaab70381867f91085ebe0ba2cc2928d7 Mon Sep 17 00:00:00 2001
From: Camil Staps
Date: Fri, 2 Oct 2015 15:02:11 +0200
Subject: Finish assignment 4

---
 netsec-assignment4-S4498062/exercise4/exercise4a | 7 +++++++
 1 file changed, 7 insertions(+)
 create mode 100644 netsec-assignment4-S4498062/exercise4/exercise4a

(limited to 'netsec-assignment4-S4498062/exercise4/exercise4a')

diff --git a/netsec-assignment4-S4498062/exercise4/exercise4a b/netsec-assignment4-S4498062/exercise4/exercise4a
new file mode 100644
index 0000000..5646f65
--- /dev/null
+++ b/netsec-assignment4-S4498062/exercise4/exercise4a
@@ -0,0 +1,7 @@
+This is in REQ-4. Error messages should only be in an existing session
+(otherwise we can send error messages `gratuitiously', like in gratuitious ARP,
+and thus influence a NAT from outside). So, we SHOULD drop these packets.
+
+If such an error message does belong to an existing session, NAT should simply
+translate the address and forward the message to the internal host, so that it
+receives the message correctly.
-- 
cgit v1.2.3