Y
Hacker News
new
|
ask
|
show
|
jobs
by
kzemek
1599 days ago
For a given value of "zero"; the packets are still copied from NIC buffers and wrapped in sk_buff.
1 comments
wmf
1599 days ago
Maybe headers are parsed but my understanding is that the whole packet is not copied.
link
gigel82
1599 days ago
It's a NAT router so needs at minimum to masquerade (change the src/dest IP in the packet headers to match the internal / public). I'd also be running fail2ban or crowdsec for the bare intrusion detection.
link