Re: Is source address selection based on rules (netfilter) possible ?



On Aug 28, 4:20 am, Roger Blake <rogbl...@xxxxxxxxxxxxx> wrote:

On 2010-08-27, Xavier Roche <xro...@xxxxxxxxxxxxxxxxxxxxxx> wrote:

Yes, just tested and NATing is not available at all - probably because
NAT on v6 is really stupid (and nobody wants NAT to live forever)

Why not? Why would anyone not running a public server want their
network interface exposed directly to the internet?

NAT and firewalls have nothing to do with each other. NAT happens to
provide some slight level of security by accident that you can't rely
on.

DS
.