[ previous ] [ next ] [ threads ]
 From:  Dinesh Nair <dinesh at alphaque dot com>
 To:  Alain Fauconnet <alain at ait dot ac dot th>
 Cc:  m0n0wall at lists dot m0n0 dot ch
 Subject:  Re: [m0n0wall] how to allow incoming connections from WAN to LAN? (no NAT)
 Date:  Thu, 24 Nov 2005 20:41:22 +0800
On 11/24/05 08:54 Alain Fauconnet said the following:
> So why do I still have all those NAT-related entries in the status.php
> output? OK, I need to study ipfw and ipnat... my culture is Linux's
> iptables.

could they be a holdover from the dynamic NAT states created when NAT was 
enabled ? a reboot should clean them however.

> My guts feeling is that statefulness works only for LAN->WAN
> connections by design of M0n0wall, so I need to "hack" the

with NAT turned on, you cant have a connection initiated from the WAN to 
the LAN without port forwarding the relevant ports. with NAT turned off 
however, bidirectional connections are possible. on a few of the m0n0walls 
i have at home, i've turned off NAT on LAN to be able to do just this.

Regards,                           /\_/\   "All dogs go to heaven."
dinesh at alphaque dot com                (0 0)    http://www.alphaque.com/
| for a in past present future; do                                        |
|   for b in clients employers associates relatives neighbours pets; do   |
|   echo "The opinions here in no way reflect the opinions of my $a $b."  |
| done; done                                                              |