[Ilugc] Building up a NAT Box

Mohan Sundaram mohan.tux at gmail.com
Tue Dec 2 11:11:42 IST 2008

On Tue, Dec 2, 2008 at 10:54 AM, Girish Venkatachalam <
girishvenkatachalam at gmail.com> wrote:
> Protocols like SIP, FTP, RTP and other broken protocols that negotiate
> port numbers in the payload (this includes all of RPC protocols
> including NFS of course) need special handling in the firewall/NAT box.
> I dunno a thing about linux firewalling but it is really really messy...

IPTables has NAT helpers or ALGs for precisely these reasons. It is easy to
do and there is no need to think of it as messy. One needs some time and
resolve, thats it. In case you want a packaged distro for the edge that does
this and a lot more, look at Untangle.


