From mboxrd@z Thu Jan 1 00:00:00 1970 From: =?ISO-8859-13?Q?Art=FBras_=D0lajus?= Subject: Re: Mystics of packet forwarding Date: Wed, 07 Jan 2009 00:20:20 +0200 Message-ID: <4963D924.9040905@arturaz.net> References: <4963B3EB.6090806@arturaz.net> Mime-Version: 1.0 Content-Transfer-Encoding: 7bit Return-path: In-Reply-To: Sender: netfilter-owner@vger.kernel.org List-ID: Content-Type: text/plain; charset="us-ascii"; format="flowed" To: Billy Crook Cc: netfilter@vger.kernel.org Billy Crook wrote: > Has your ISP ever indicated hostility verbally, or in writing, toward > NAT? Is it forbidden by your Terms of Service? Well, it says that NAT is allowed in one house. Also a friend of mine that works as main admin on that ISP says they didn't do anything like that. > I find it difficult to believe that your ISP would do something so > elaborate to discourage NAT, especially if they don't explicitly > forbid it. Try disconnecting your lan from this machine, and testing > for this anomaly. An idea. But it seems that only actually forwarded packets make it happen... > I suspect one of the machines on your lan may be > attacking yahoo or digg, and causing those sites to temporarily block > your [public] IP. An idea too. I'll try to get an temporary ip and monitor logs for a while... How could this attack look like? Packet bursts? Lot of connections?