|
||||||||||
On 18.12.2003, at 20:13, Eric Garnice wrote: > I've noticed that if I change a NAT port mapping, packets are > forwarded to > both the original destination as well as the new destination until I > reboot > m0n0wall. Did you test with UDP? If so, then that's very well possible and also unavoidable, as m0n0wall cannot know when an UDP transmission is over, so the entry in the state and NAT tables will remain for a few minutes until it times out. You can manually clear these tables on the "Reset state" page. > This can be very dangerous. I do software testing, and need to change No. Even if NAT failed by redirecting packets that it wasn't supposed to, it still wouldn't be "dangerous" as the packet filter would take care of it (if configured properly). Changing a NAT rule does not change any filter rules, even if a filter rule was initially auto-added (checkbox on add NAT rule screen). - Manuel |