On 7 Jul, 2005, at 21:10, Steven M. Bellovin wrote:
> Real firewalls pass inbound traffic because a
> state table entry exists. NATs do the same thing, with nasty
> side-effects. There is no added security from the header-mangling.
>
To which Len Bosak quipped a few years ago: "If you don't know its
name, you can't curse it".
Sean.