Blocking is part of a firewall, but it can also be part of other things that are not firewalls. So, just because something is blocked, that does not mean the blocker is a firewall.
NAT doesn't have to block anything in either direction. You can have a
1:Many NAT solution (like the Linksys, D-Link, etc...) where all ports inbound are forwarded to a specific IP - which means there is no blocking in either direction.
SPI can be added to NAT devices, it's not included just because the device does NAT, the vendor has to include it.
So, lets call the users Toaster a firewall, since it technically can produce enough heat to create a fire near a wall in the house. See, if we don't educate users they will continue to think those devices are firewalls, and they will continue to allow the sales/marketing types to get away with it.
"In computer networking, tunneling means the transmission of one data protocol encapsulated in another using a tunneling protocol. This technique often occurs in combination with encryption."
Say no more here to me Dangerous little stupid Cyberdrool as you admit to it. You can now go put on a Pamper and go lurk a corner in your apartment or you can lurk in the corner of your apartment complex. Better yet, put on a wireless Pamper and wirelessly stand in the middle of busy street traffic and lurk that.
What is the difference if the S&M types (heh) get away with it? As far as the home user in concerned, a NAT router is *their* firewall. It restricts access somewhat.
By your, and Duane's, strict definition of a firewall, a home user is rarely going to have one.
Note, I do see your point and understand why you want a strict definition. So now maybe you see my point in not thinking it's all that important. For the good of the net, at least many home users are using *something*.
And why is that a bad thing - the only reason they call them Firewalls is to that ignorant people will purchase them. In the days when they first came out they called them CABLE/DSL ROUTERS, then, without any change in the firmware or functions, about 6 months later, they started packaging them as "Firewalls".... See the history here.... Poeple will buy it if you sell it as some BUZZ word they think they need.
Don't get me wrong, I recommend NAT Routers to ALL home users with DSL or Cable, and I was installing "LAN MODEMS" long before there ever was DSL or CABLE service - LAN Modems are single unit boxes with a NAT router and a modem and a 1 or more port HUB - 3COM use to make them and they did great to protect Dial-Up users from inbound (as do the Cable/DSL routers), but they were not and are not firewalls.
You seem to think I want a "stricter" definition when in reality, until those lamers started calling NAT devices firewalls, it was always understood that NAT does not make a device a firewall. It's those supporters of NAT being a firewall that are "watering down" the definition of what a Firewall is.
The real problem is that people think these devices ARE firewalls and that they are getting the same protection that their company firewall give them - even though they have no idea what kind of protection that is.
If you don't object to a Yugo being called a Space Shuttle I can see why you don't object to a NAT Router being called a Firewall.
The Yugo and the Space Shuttle are both forms of transportation. They serve, to a greater or lesser degree, in the process of getting from point A to point B.
No one would insist that a Yugo isn't a "vehicle". They are both vehicles.
And that's the point - they both can do some things in common, but no one would ever make the false assumption that the Yugo is a space capable vehicle - which is the point about NAT Routers and Firewall Appliances. The common point is Routing, not protection.
Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here.
All logos and trade names are the property of their respective owners.