On Sun, Aug 11, 2013 at 11:40 AM, Florian Weimer <fw () deneb enyo de> wrote:
Apparently, they're implementing DNS proxy by destination-NATting, and
because they listen also on the WAN interface, they get the source
This is quite scary.
which part? the fact that most NAT implementations on CPE are crap? or
the spoofing bit?