User Tools

Site Tools


docs:guide-user:firewall:fw3_configurations:fw3_nat

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
Next revision
Previous revision
docs:guide-user:firewall:fw3_configurations:fw3_nat [2018/09/16 12:49]
bobafetthotmail ↷ Page moved from inbox:firewall:fw3_configurations:fw3_nat to docs:guide-user:firewall:fw3_configurations:fw3_nat
docs:guide-user:firewall:fw3_configurations:fw3_nat [2018/09/18 21:05] (current)
dturvene [Conntrack Diagnostics]
Line 1: Line 1:
 ====== fw3 NAT Configurations ====== ====== fw3 NAT Configurations ======
-The [[inbox:​firewall:​overview|fw3 application]] has extensive support for+The [[docs:​guide-user:​firewall:​overview|fw3 application]] has extensive support for
 [[https://​en.wikipedia.org/​wiki/​Network_address_translation|NAT]] filterning. [[https://​en.wikipedia.org/​wiki/​Network_address_translation|NAT]] filterning.
 NAT is a powerful feature and is credited with extending the life of the IPv4 NAT is a powerful feature and is credited with extending the life of the IPv4
Line 15: Line 15:
  
 ===== NAT Diagnostics ===== ===== NAT Diagnostics =====
-See [[inbox:​firewall:​netfilter_iptables:​management|Netfilter Management]] for +See [[docs:​guide-user:​firewall:​netfilter_iptables:​netfilter_management|Netfilter Management]] for 
-analyzing the netfilter rules.+analyzing the netfilter rules and investigating conntrack sessions.
  
-Additionally,​ all NAT features depend on the ''​nf_conntrack''​ modules to track 
-IP connections between the WAN-side and the LAN-side; viewing it can be 
-invaluable when debugging NAT traffic. ​ The kernel presents the table 
-through the [[https://​en.wikipedia.org/​wiki/​Procfs|procfs filesystem]] 
-at ''/​proc/​net/​nf_conntrack''​. 
- 
-:!: The nf_conntrack parameters can be tuned using parameters in the sysfs 
-filesystem under ''/​proc/​sys/​net/​netfilter''​. ​ This is almost never desirable. ​ 
  
 ===== NAT Example Configurations ===== ===== NAT Example Configurations =====
Line 98: Line 90:
  
 :!: Due to the high visibility of a public server, it may warrant putting :!: Due to the high visibility of a public server, it may warrant putting
-it/them in a [[inbox:​firewall:​fw3_configurations:​fw3_dmz|fw3 DMZ]].+it/them in a [[docs:​guide-user:​firewall:​fw3_configurations:​fw3_dmz|fw3 DMZ]].
  
 <​code>​ <​code>​
docs/guide-user/firewall/fw3_configurations/fw3_nat.1537102140.txt.gz · Last modified: 2018/09/16 12:49 by bobafetthotmail