29 Jan 2014, 5:11 a.m.
Jared Mauch wrote on 1/28/14 10:11 PM:
192.168.0.1 has a rule that says send UDP/53 packets I process to 172.16.0.1. Since I'm "outside" its "NAT", the rule ends up taking the source IP, which isn't part of its "NAT" set, and ends up copying my "source" IP into the packet, then forwards it to the DNS server.
This is really broken. Do you have any idea as to why such a rule is implemented? I also heard that some CPE implement exactly the same logic if one spoofs the src IP inside their NAT. I think that the Spoofer project discards tests from inside the NAT, but maybe they track such cases?

Andrei
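The forwarding rule described in the quoted message, modelled next to a corrected rule and a source-address check on the resolver side. This is an added example, not code from the thread or from any CPE vendor; the NAT set 10.0.0.0/24, the source 203.0.113.7, the interface names and the corrected rule are constructed assumptions, and only 192.168.0.1 and 172.16.0.1 come from the message.

```python
import ipaddress
from dataclasses import dataclass, replace

CPE = "192.168.0.1"       # CPE address from the message
RESOLVER = "172.16.0.1"   # DNS server from the message
NAT_SET = ipaddress.ip_network("10.0.0.0/24")  # constructed: hosts the CPE translates for

@dataclass(frozen=True)
class Packet:
    src: str
    dst: str
    proto: str
    dport: int
    in_if: str            # "lan" or "wan" (constructed interface names)

def is_dns_to_cpe(pkt):
    return pkt.dst == CPE and pkt.proto == "udp" and pkt.dport == 53

def broken_cpe(pkt):
    """Rule as described: redirect every UDP/53 packet the CPE processes,
    but rewrite the source only when it belongs to the NAT set."""
    if not is_dns_to_cpe(pkt):
        return None
    out = replace(pkt, dst=RESOLVER)
    if ipaddress.ip_address(pkt.src) in NAT_SET:
        out = replace(out, src=CPE)
    return out            # a foreign source is copied through unchanged

def fixed_cpe(pkt):
    """Assumed correction: proxy DNS only for LAN packets sourced from the
    NAT set, and always rewrite the source to the CPE's own address."""
    if pkt.in_if != "lan" or ipaddress.ip_address(pkt.src) not in NAT_SET:
        return None       # drop WAN-side and off-prefix sources
    if not is_dns_to_cpe(pkt):
        return None
    return replace(pkt, src=CPE, dst=RESOLVER)

def source_valid(pkt, link_prefixes):
    """BCP 38 style check upstream of the CPE: the source must fall in a
    prefix assigned to the access link the packet arrived on."""
    addr = ipaddress.ip_address(pkt.src)
    return any(addr in ipaddress.ip_network(p) for p in link_prefixes)

# Constructed sample packets: an outside query, a LAN query, and a LAN
# packet carrying a source address outside the NAT set.
OUTSIDE = Packet("203.0.113.7", CPE, "udp", 53, "wan")
INSIDE = Packet("10.0.0.20", CPE, "udp", 53, "lan")
LAN_FOREIGN_SRC = Packet("203.0.113.7", CPE, "udp", 53, "lan")
```

With the described rule the resolver receives a packet sourced from 203.0.113.7 over the CPE's link, which `source_valid` rejects when the link is only assigned the CPE's own address.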