RE: Types of packet modifications allowed for networks

["Darden, Patrick S." <darden () armc org>]

I'm not aware of any hard rules regarding this.  I'll include yours below:

--packet fragmentation due to inconsistent MTUs and/or bandwidth (e.g. moving from ATM at 150Mbps to a fractional DS3 
at 3.088Mbps)
--ttl changes from hop to hop
--dest ip changes from hop to hop
--PAT/NAT changes in last network borders (e.g. routing traffic to appropriate endpoints (servers) or starting points 
(workstations))
--PAT/NAT changes in "last" host (e.g. it hits ext ip port 4443, gets changed to newip:443 and forwarded on)
--firewall changes in buffer/mother network (e.g. protective network or DMZ)--these could be almost anything, most 
frequent would be morons who completely block ICMP--you should probably count anti-spam and anti-virus (layer 4 but 
affects layer 3 dramatically) but these are usually advertised features subscribed to by the customers (as opposed to 
secret "features" that only come out due to customer outrage)
--header checksum changes after contents changes (e.g. dip at a router)

Meh, not sure I was helpful.
--p