[ previous ] [ next ] [ threads ]
 From:  Joey Morin <jmorin at icomm dot ca>
 To:  Adam Nellemann <adam at nellemann dot nu>
 Cc:  m0n0wall at lists dot m0n0 dot ch
 Subject:  Re: [m0n0wall] NATed services by the public IP
 Date:  Thu, 24 Jun 2004 15:47:47 -0400 (EDT)
This one time, at band camp, Adam Nellemann said:

> > can anyone tell me what "bounce" refers to, and perhaps how i can
> > implement it in m0n0wall?
> Well, I'm not at all an expert on these matters (and I'm sure others
> will provide you with better explanations along the way), but...
> The way I've heard it referred to, it is (one of) the mechanisms used to
> implement precisly what you are asking for. That is, a request from your
> LAN side, for a NAT'ed service, will be "bounced" back through the NAT
> mechanism (and, I guess, the other firewall mechanisms as well), thus
> allowing you to access your own (inbound) NAT mappings just like you
> would from the WAN side.
> One could picture this as the WAN interface (or something just before
> it) "bouncing" any traffic from the LAN, destined for your external IP,
> back through the firewall as if it actually originated from the WAN.

can someone shed light on this?  or perhaps point me in the right
direction?  i'm wondering, is this going to require a new binary, or can
it be implemented in the config of existing routing/nating tools already
on the m0n0?

> I don't remember the precise reason given by Manuel for why this was not
> implemented in m0n0wall, but I do seem to remember there being one
> (although I don't know if it was a good reason, as I also remember
> Manuel being of the opinion that this was of little importance anyway).

i'm a bit of a special case, aren't i?  at least, that's what people tell
me... :)