This shows you the differences between two versions of the page.
Both sides previous revisionPrevious revisionNext revision | Previous revision | ||
forward-basic [2023/10/26 08:57] – rs232 | forward-basic [2023/10/26 17:27] (current) – [Advanced Scenarios] -condense hogwild | ||
---|---|---|---|
Line 2: | Line 2: | ||
When traffic is initiated from the Internet towards FreshTomato' | When traffic is initiated from the Internet towards FreshTomato' | ||
+ | |||
+ | \\ | ||
==== NAT ==== | ==== NAT ==== | ||
Line 8: | Line 10: | ||
Connections initiated on the Internet will not reach a LAN IP address, as the PAT (Port Address Translation) table doesn' | Connections initiated on the Internet will not reach a LAN IP address, as the PAT (Port Address Translation) table doesn' | ||
+ | |||
+ | \\ | ||
==== PAT ==== | ==== PAT ==== | ||
Line 35: | Line 39: | ||
\\ | \\ | ||
- | **Src Address**: (Optional). This will restrict the rule so it's applied only from specific source addresses. | + | **Src Address**: (Optional). This will restrict the rule so it's applied only from specific source addresses. DNS hostnames, FQDN names and IP addresses |
**Ext Port:** This defines a mapping to the (external) port the Internet connection expects to use. It can be a single port or a range, with syntax: " | **Ext Port:** This defines a mapping to the (external) port the Internet connection expects to use. It can be a single port or a range, with syntax: " | ||
- | **Int Port:** (Optional). Here, you can specify a different (internal) port to the target LAN IP address. Leaving this empty uses the same port as the Ext Port \\ (Default: empty). | + | **Int Port:** (Optional). Here, you can specify a different (internal) port for the target LAN IP address. Leaving this empty uses the same port as the Ext Port setting\\ (Default: empty). |
- | **Int Address:** This specifies the internal | + | **Int Address:** This specifies the internal |
**Description: | **Description: | ||
Line 49: | Line 53: | ||
\\ | \\ | ||
- | ==== Advanced | + | ==== Advanced |
- | As we know only one given port:protocol can be forwarded at any given time e.g. if port 80 is already redirected to 192.168.1.10 this port is now " | + | As we know, only one given socket (port/protocol |
- | === reverse proxy === | + | === Reverse Proxy === |
- | A proxy by definition needs to talk the language (protocol) used by the application | + | In order to perform its job, a proxy must speak the protocol used by the application. |
- | === source bound redirection | + | === Source Bound Redirection |
- | If the source IP and/or FQDN is well known you can create multiple port mapping references on the same port: | + | If the source IP and/or FQDN is well-known, you can create multiple port mapping references on the same port: |
- | and result into traffic from source.example.com | + | \\ |
+ | |||
+ | | ||
+ | |||
+ | \\ | ||
+ | |||
+ | The settings above would cause traffic from the IP address(es) of "source.example.com" towards ports 80 and 443 on the router, to be redirected to the specific LAN address in that rule. They would also cause traffic | ||
+ | |||
+ | \\ | ||