I think I hit a bug in m0n0 and the handling of the advanced NAT (or at
least an unexpected behaviour for me).
I tried to set up a WAN+LAN+OPT1 interface, where traffic from LAN->WAN and
LAN->OPT1 should be natted, while traffic from OPT1->WAN should go without
natting (the OPT1 interface has public IP addresses).
The problem is that LAN->WAN natting works fine, but when I try to connect
from LAN->OPT1 the packets are not translated to the OPT1 addresses.
In what follows, the LAN is 10.0.0.0/8, WAN is 184.108.40.206/24, OPT1 is
I have set the NAT rules like this:
Source: 10.0.0.0/8 Dest: 220.127.116.11/24 Target: 18.104.22.168
Source: 10.0.0.0/8 Dest: * Target: Empty (the wan address)
With this setup, running a tcpdump on the OPT1 side, I see packets coming in
with the LAN addresses and not the IP address of the firewall on the OPT1