![]() In scenarios where default route would send the packet out of a different interface from which it was received, double NATing is the answer. The packet arrives at the host which requested it and, as its source address is the same as that to which the original request was sent, is gratefully received.It therefore modifies the source address of the returning packet so that it looks like it came from the address it was destined for before it was DNATed in step two. The packet is received by the firewall host which sees that it is destined for the same host which it just performed the DNAT operation for.As the source address was unchanged it should be sent back via the default gateway which will be the firewall host in the previous step. This host then generates a response packet which it sends back to the originating host. This works fine & I have been monitoring all users connecting to the internet. The packet arrives at the host we specified. Hi All, I configured a bridged debian firewall using bridging utilities.The packet's source address is unchanged and still represents the originating host. ![]() ![]()
0 Comments
Leave a Reply. |