Comment by tyingq
1 month ago
You have to squint a little and see they mean that most consumer routers don't map inbound unsolicited packets to anything internal unless the user specifically configured it to. Which is basically a firewall.
1 month ago
You have to squint a little and see they mean that most consumer routers don't map inbound unsolicited packets to anything internal unless the user specifically configured it to. Which is basically a firewall.
That's not true in my experience, consumer grade routers will often happily route packets with rfc1918 destination addresses from the WAN to the LAN interface all day. The "firewall" is only that nobody can get packets with those destination addresses to the home router's WAN interface through the internet.
This is because most consumer routers have a firewall, which is separate from the NAT. Creating NAT mappings also creates firewall entries.
Otherwise, the router would happily pass the packet along to any IP address it finds in a packet it receives. That's the job of a router, after all.