From mboxrd@z Thu Jan 1 00:00:00 1970 Message-Id: <200011181420.OAA03216@whitecrow.demon.co.uk> To: cnielsen@pobox.com Cc: 9fans@cse.psu.edu Subject: Re: [9fans] IL and NAT In-reply-to: Your message of "Fri, 17 Nov 2000 15:48:43 PST." Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii From: Steve Kilbane Date: Sat, 18 Nov 2000 14:20:34 +0000 Topicbox-Message-UUID: 2cc441c4-eac9-11e9-9e20-41e7f4b1d025 > My gut response is bollocks, but is there any reason that IL > wouldn't work through NAT other than Cisco hasn't written > the code to handle it? If I recall Firewall-1 correctly, you can bodge up support for rare protocols by specifying some low-level transformation rules: if (value at offset x) == y, change bytes elsewhere accordingly. I was only skimming docs at the time, and never got around to reading it in detail, so I might be completely wrong. Point is, though, does your Cisco support something similar? As for it going into the Cisco base product (from which an entire range of Cisco units are produced), I'd put the chances at approximately equal to the market: practically none. Even if you gave them the code for free, they'd have to make sure it didn't break anything else, and that'd cost them. steve