| ▲ | everforward 4 days ago | |
> [0] Unless the router were "excitingly" misconfigured! This is probably the pivotal difference lol. Most of the ISP-provided routers I've used either have a default-allow policy or auto-create firewall rules when you add a NAT forwarding rule. I don't honestly recall which because it's been like a decade, but I do remember that I didn't have to explicitly add a firewall rule. | ||
| ▲ | simoncion 3 days ago | parent [-] | |
The exciting misconfiguration I was thinking of was one where Internet hosts could send packets to the router with LAN IPs as the destination IP and the router would happily forward those along and output them on the LAN interface(s). On a Linux router, perhaps setting ip_forward to 1 and leaving rp_filter at 0 would do the trick? It has been ages since I've had to play with rp_filter, so I can't remember exactly what its behavior is. | ||