![]() ![]() For other IP protocols, hide mode does not work because there are no ports or data that can be modified. For ICMP packets, the data portion of the packet is modified (the data portion of an ICMP packet usually isn't used). In order to accomplish this, FireWall-1 changes the source TCP or UDP port of the packet so that it can keep track of which host the connection belongs to (and, consequently, know where to send reply packets). This is perfect for hosts that require access to the Internet but should not be accessed from the Internet. In the text, I will refer to this simply as hide mode. Source Hide: Makes more than one host appear as a single host (i.e., a many-to-one translation). ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. Archives
May 2023
Categories |