[CentOS] [OT] Corporate Firewall -- NAT/PAT != bridging/routing with inspection

Bryan J. Smith thebs413 at earthlink.net
Fri Nov 11 00:03:15 UTC 2005

Adam Gibson <agibson at ptm.com> wrote:
> M0n0wall is a freebsd based system but it does support a
> public IP DMZ/Service interface.  You have to enable 
> advanced NATing.

Layer-3/4 Source and Destination NAT/PAT (network/port
address translation) is _not_ the same as layer-2 bridging or
layer-3 routing between networks and inspecting the packets
then.  I think he's looking for layer-2 bridging or layer-3
routing, not SNAT/DNAT.

IPCop does SNAT/DNAT, and can translate multiple public IPs
into private ones -- LAN, 2nd LAN (e.g., WLAN), DMZ, etc...
as well.  1:1 (NAT-only), 1:Many, Many:1.  Not the same as
inspecting frames/packets as they pass through a true layer-2
bridge, or a layer-3 router.

> Remote updating of the firmware/software is a big plus too.

As with IPCop.

Bryan J. Smith                | Sent from Yahoo Mail
mailto:b.j.smith at ieee.org     |  (please excuse any
http://thebs413.blogspot.com/ |   missing headers)

More information about the CentOS mailing list