This shows you the differences between two versions of the page.
Both sides previous revisionPrevious revisionNext revision | Previous revisionLast revisionBoth sides next revision | ||
forward-basic [2023/10/26 15:32] – [PAT] -formatting hogwild | forward-basic [2023/10/26 17:17] – [Advanced Scenarios] hogwild | ||
---|---|---|---|
Line 3: | Line 3: | ||
When traffic is initiated from the Internet towards FreshTomato' | When traffic is initiated from the Internet towards FreshTomato' | ||
- | | + | \\ |
==== NAT ==== | ==== NAT ==== | ||
Line 10: | Line 11: | ||
Connections initiated on the Internet will not reach a LAN IP address, as the PAT (Port Address Translation) table doesn' | Connections initiated on the Internet will not reach a LAN IP address, as the PAT (Port Address Translation) table doesn' | ||
- | | + | \\ |
==== PAT ==== | ==== PAT ==== | ||
Line 37: | Line 39: | ||
\\ | \\ | ||
- | **Src Address**: (Optional). This will restrict the rule so it's applied only from specific source addresses. | + | **Src Address**: (Optional). This will restrict the rule so it's applied only from specific source addresses. DNS hostnames, FQDN names and IP addresses |
**Ext Port:** This defines a mapping to the (external) port the Internet connection expects to use. It can be a single port or a range, with syntax: " | **Ext Port:** This defines a mapping to the (external) port the Internet connection expects to use. It can be a single port or a range, with syntax: " | ||
- | **Int Port:** (Optional). Here, you can specify a different (internal) port to the target LAN IP address. Leaving this empty uses the same port as the Ext Port \\ (Default: empty). | + | **Int Port:** (Optional). Here, you can specify a different (internal) port for the target LAN IP address. Leaving this empty uses the same port as the Ext Port setting\\ (Default: empty). |
- | **Int Address:** This specifies the internal | + | **Int Address:** This specifies the internal |
**Description: | **Description: | ||
Line 53: | Line 55: | ||
==== Advanced Scenarios ==== | ==== Advanced Scenarios ==== | ||
- | As we know, only one given socket (port/ | + | As we know, only one given socket (port/ |
=== Reverse Proxy === | === Reverse Proxy === | ||
- | By definition, A proxy needs to speak the language (protocol) used by the application | + | In order to perform its job, a proxy must speak the protocol used by the application. For example, an HTTP proxy cannot serve SMTP. If you needed |
- | === source bound redirection | + | === Source Bound Redirection |
- | If the source IP and/or FQDN is well known you can create multiple port mapping references on the same port: | + | If the source IP and/or FQDN is well-known, you can create multiple port mapping references on the same port: |
- | and result into traffic from source.example.com (whichever | + | \\ |
+ | |||
+ | | ||
+ | |||
+ | \\ | ||
+ | |||
+ | The above settings above would cause traffic from "source.example.com" | ||
+ | |||
+ | \\ | ||