 From:  "Dave C." <mono at comm dot it>
 To:  <m0n0wall at lists dot m0n0 dot ch>
 Subject:  Possible a bug in NAT handling?
 Date:  Thu, 18 Mar 2004 20:59:39 +0100

I think I hit a bug in m0n0 and the handling of the advanced NAT (or at
least an unexpected behaviour for me).

I tried to set up a WAN+LAN+OPT1 interface, where traffic from LAN->WAN and
LAN->OPT1 should be natted, while traffic from OPT1->WAN should go without
natting (the OPT1 interface has public IP addresses).

The problem is that LAN->WAN natting works fine, but when I try to connect
from LAN->OPT1 the packets are not translated to the OPT1 addresses.

In what follows, the LAN is, WAN is, OPT1 is

I have set the nat rules like this:

Source:    Dest:    Target:
Source:    Dest: *    Target: Empty (the wan address)

With this setup, running a tcpdump on the OPT1 side, I see packets coming in
with the LAN addresses and not the IP address of the firewall on the OPT1

Any hints?