Re: [SLUG] worth of firewall-in-a-box hubs?

From: Paul M Foster (paulf@quillandmouse.com)
Date: Tue Apr 02 2002 - 23:28:45 EST


This message came from someone who appears to be s*bscr*bed, but not
under the email address their MTA is advertising. Normally, I /dev/null
these and send the person a note about their address problem. But this
answer was worth posting regardless.

Paul

----- Forwarded message from adriand_omit@tampabay.rr.com -----

Reply-To: adriand@tampabay.rr.com

Paul,

I'll take a stab at this.

The router performs Network Address Translation (NAT) to map the
non-routable private LAN addresses (such as 192.168.*.*) to a public IP
address (the one provided by the ISP).

When an internal machine sends a packet to the Internet, the router
saves the source IP, protocol (UDP or TCP) and port number. It then
replaces the source IP address with the public IP one, and also replaces
the source port number with one in a high range (probably above 7000).
The original and altered source information is then placed in a table,
which is used to reverse the process when a response comes back from the
'Net. These table entries expire after some reasonable period of time.

A repercussion of using private addresses and NAT is that it would be
very difficult to initiate a connection to a particular internal address
from the outside. NAT is one of several techniques that might be
employed by a firewall or router to enhance security. In my opinion, NAT
functionality is one of the best reasons to get a simple router
(Netgear, Linksys, Dlink, SMC, etc.).

-Adrian

> I'm guessing the following series of steps happen:
>
> o LAN machine sends a packet to internet machine.
> o The packet gets routed through firewall machine which
> remembers that it came from LAN machine.
> o Internet machine replies with a packet that arrives at
> firewall machine.
> o Firewall machine remembers that a packet was sent from
> LAN machine to internet machine and sends the reply to
> the correct LAN machine.
>
> I guess the firewall/router would check to see if LAN machine accepted the
> packet (which brings up the case of UDP) and, if it rejected the packet,
> the firewall/router would turn off "accepting" further packets from the
> internet machine.
>
> Regardless, people more knowledgeable than I figured out how to do all this
> stuff, I'm just curious as heck as to how it really works. [shrugs]
>
> Paul Braman
> aeon@tampabay.rr.com

----- End forwarded message -----
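The translation table Adrian describes above (save the source IP, protocol and port; rewrite the source to the public IP and a high port; reverse the mapping on replies; expire idle entries) and the "does the firewall remember the LAN machine" question Paul Braman asks can be modelled in a few dozen lines. The following is an added example, not code from either message; the public and private addresses, the port range starting at 7000, the 300-second timeout and the decision to key a mapping on the full flow (so a reply is only let in from the host the LAN machine actually talked to) are all assumptions for the example.

```python
"""Toy NAT / port-address translation table (added example, not from the post).

Models the behaviour described in the thread: an outbound packet's source is
recorded, rewritten to the public IP and a high port, the mapping is kept in a
table used to reverse the translation on replies, unsolicited inbound packets
have no entry and are dropped, and idle entries expire.
"""
from dataclasses import dataclass
from typing import Dict, Optional, Tuple


@dataclass(frozen=True)
class Packet:
    proto: str      # "tcp" or "udp"
    src_ip: str
    src_port: int
    dst_ip: str
    dst_port: int


@dataclass
class Mapping:
    proto: str
    private_ip: str
    private_port: int
    remote_ip: str
    remote_port: int
    public_port: int
    last_seen: float


class NatTable:
    """Translation table for a single public IP (port range and timeout are assumptions)."""

    def __init__(self, public_ip: str, first_port: int = 7000,
                 last_port: int = 65535, timeout: float = 300.0) -> None:
        self.public_ip = public_ip
        self.first_port = first_port
        self.last_port = last_port
        self.timeout = timeout
        self.next_port = first_port
        # Keyed on the full outbound flow so repeated packets reuse one mapping.
        self.by_flow: Dict[Tuple[str, str, int, str, int], Mapping] = {}
        # Keyed on (proto, public port) so a reply can be reversed.
        self.by_public: Dict[Tuple[str, int], Mapping] = {}

    def _expire(self, now: float) -> None:
        """Remove entries idle longer than the timeout (the 'reasonable period')."""
        stale = [m for m in self.by_public.values() if now - m.last_seen > self.timeout]
        for m in stale:
            del self.by_public[(m.proto, m.public_port)]
            del self.by_flow[(m.proto, m.private_ip, m.private_port, m.remote_ip, m.remote_port)]

    def _allocate_port(self, proto: str) -> int:
        """Hand out the next unused public port in the high range, wrapping around."""
        span = self.last_port - self.first_port + 1
        for _ in range(span):
            port = self.next_port
            self.next_port = self.first_port + (port - self.first_port + 1) % span
            if (proto, port) not in self.by_public:
                return port
        raise RuntimeError("NAT port range exhausted")

    def translate_outbound(self, pkt: Packet, now: float) -> Packet:
        """LAN -> Internet: record the flow and rewrite the source to public IP/port."""
        self._expire(now)
        key = (pkt.proto, pkt.src_ip, pkt.src_port, pkt.dst_ip, pkt.dst_port)
        m = self.by_flow.get(key)
        if m is None:
            m = Mapping(pkt.proto, pkt.src_ip, pkt.src_port, pkt.dst_ip, pkt.dst_port,
                        self._allocate_port(pkt.proto), now)
            self.by_flow[key] = m
            self.by_public[(pkt.proto, m.public_port)] = m
        m.last_seen = now
        return Packet(pkt.proto, self.public_ip, m.public_port, pkt.dst_ip, pkt.dst_port)

    def translate_inbound(self, pkt: Packet, now: float) -> Optional[Packet]:
        """Internet -> LAN: reverse a remembered mapping, or return None to drop."""
        self._expire(now)
        if pkt.dst_ip != self.public_ip:
            return None
        m = self.by_public.get((pkt.proto, pkt.dst_port))
        # No entry, or a different remote host than the one we talked to: drop it.
        if m is None or (pkt.src_ip, pkt.src_port) != (m.remote_ip, m.remote_port):
            return None
        m.last_seen = now
        return Packet(pkt.proto, pkt.src_ip, pkt.src_port, m.private_ip, m.private_port)


def demo() -> dict:
    """Constructed sample traffic (documentation-range addresses) exercising the table."""
    nat = NatTable("203.0.113.7")
    server = ("198.51.100.5", 80)
    out = nat.translate_outbound(Packet("tcp", "192.168.1.10", 51234, *server), now=0.0)
    out2 = nat.translate_outbound(Packet("tcp", "192.168.1.11", 51234, *server), now=0.5)
    reply = nat.translate_inbound(Packet("tcp", *server, "203.0.113.7", out.src_port), now=1.0)
    reply2 = nat.translate_inbound(Packet("tcp", *server, "203.0.113.7", out2.src_port), now=1.5)
    unsolicited = nat.translate_inbound(Packet("tcp", "198.51.100.9", 4444, "203.0.113.7", 9999), now=2.0)
    spoofed = nat.translate_inbound(Packet("tcp", "198.51.100.9", 4444, "203.0.113.7", out.src_port), now=2.5)
    late = nat.translate_inbound(Packet("tcp", *server, "203.0.113.7", out.src_port), now=1000.0)
    return {"out": out, "out2": out2, "reply": reply, "reply2": reply2,
            "unsolicited": unsolicited, "spoofed": spoofed, "late": late}


if __name__ == "__main__":
    for name, pkt in demo().items():
        print(f"{name:12} {pkt if pkt is not None else 'DROPPED'}")
```

Two LAN hosts using the same source port end up on different public ports (7000 and 7001), which is why many machines can share one ISP address; an inbound packet with no entry, or one whose source does not match the remembered remote host, has nothing to map to and is dropped, which is the "hard to initiate a connection from the outside" property; and once the entry has aged out, even the real server's packet is dropped, which is also why a long-idle UDP "session" can silently stop working behind such a box.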



This archive was generated by hypermail 2.1.3 : Fri Aug 01 2014 - 19:37:39 EDT