blob: 5646f658593a09368b8e4767a04bae185cd4f3e2 (
plain) (
blame)
1
2
3
4
5
6
7
|
This is in REQ-4. Error messages should only be in an existing session
(otherwise we can send error messages `gratuitiously', like in gratuitious ARP,
and thus influence a NAT from outside). So, we SHOULD drop these packets.
If such an error message does belong to an existing session, NAT should simply
translate the address and forward the message to the internal host, so that it
receives the message correctly.
|
