1 | | - | /* |
2 | | - | Package nat provides simple NAT table implements. |
3 | | - | |
4 | | - | * Normal (Full Cone) NAT |
5 | | - | A full cone NAT is one where all requests from the same internal IP address |
6 | | - | and port are mapped to the same external IP address and port. Furthermore, |
7 | | - | any external host can send a packet to the internal host, by sending a packet |
8 | | - | to the mapped external address. |
9 | | - | |
10 | | - | * Restricted Cone NAT |
11 | | - | A restricted cone NAT is one where all requests from the same internal IP |
12 | | - | address and port are mapped to the same external IP address and port. |
13 | | - | Unlike a full cone NAT, an external host (with IP address X) can send a |
14 | | - | packet to the internal host only if the internal host had previously sent |
15 | | - | a packet to IP address X. |
16 | | - | |
17 | | - | * Port Restricted Cone NAT |
18 | | - | A port restricted cone NAT is like a restricted cone NAT, but the restriction |
19 | | - | includes port numbers. Specifically, an external host can send a packet, with |
20 | | - | source IP address X and source port P, to the internal host only if the internal |
21 | | - | host had previously sent a packet to IP address X and port P. |
22 | | - | |
23 | | - | * Symmetric NAT |
24 | | - | A symmetric NAT is one where all requests from the same internal IP address |
25 | | - | and port, to a specific destination IP address and port, are mapped to the |
26 | | - | same external IP address and port. If the same host sends a packet with the |
27 | | - | same source address and port, but to a different destination, a different mapping |
28 | | - | is used. Furthermore, only the external host that receives a packet can send a |
29 | | - | UDP packet back to the internal host. |
30 | | - | */ |
31 | | - | package nat |
32 | | - | |