hi marco strambino wrote: > In new efw 2.2 RC3 appeared the new feature Firewall -> port forwarding -> > "source nat". > Has someone already documented how this new feature works? > I mean, which differences are there between this new feature and the classic > "port forwarding"?
The documentation is on its way, we did'nt made it to finish it yet, needless to say that we planned to have it ready for a while now. While port forwarding changes the destination ip address (DNAT), SNAT changes only the source ip address, that's what happens when you have a big LAN which shares the same uplink ip address. Then every source ip address of every outgoing packet will be replaced with the ip address of your uplink. (This behaviour is defined as a "system rule") With that feature you can for example define that a certain host in orange should exit with a certain ip address (mailserver for example). That makes sense, if you have multiple ip addresses on an uplink. Or for example you could hide your workstations in GREEN behind the ORANGE ip address when they make connections to ORANGE, which for example allows you to have workstations in ORANGE, which do not have set any default gateway. There are plenty of scenarios... peter -- :: e n d i a n :: open source - open minds :: peter warasin :: http://www.endian.com :: [EMAIL PROTECTED] ------------------------------------------------------------------------- This SF.Net email is sponsored by the Moblin Your Move Developer's challenge Build the coolest Linux based applications with Moblin SDK & win great prizes Grand prize is a trip for two to an Open Source event anywhere in the world http://moblin-contest.org/redirect.php?banner_id=100&url=/ _______________________________________________ Efw-user mailing list Efw-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/efw-user
