Template:Networking rutos manual firewall: Difference between revisions

Template:Networking rutos manual firewall (view source)

Revision as of 09:15, 19 August 2020

228 bytes added , 19 August 2020

→‎Traffic rules

VisualWikitext

Dziugas

Bureaucrats, Interface administrators, Administrators

31,703

edits

@@ Line 521: / Line 521: @@
      </tr>
 </table>
+==NAT Rules==
+<b>Network address translation</b> (<b>NAT</b>) is method of modifying the source/destination address and/or port information in a packet's IP header.
 ===Source NAT===
 ----
-<b>Source NAT</b> is a specific form of masquerading which allows fine grained control over the source IP used for outgoing traffic. For example, to map multiple WAN addresses to internal subnets.
+<b>Source NAT</b> (<b>SNAT</b>) is a form of masquerading used to change a packet's source address and/or port number to a static, user-defined value. SNAT is performed in the POSTROUTING chain, just before a packet leaves the device.
+The Source NAT section displays currently existing SNAT rules.
+[[File:Networking_rutos_manual_firewall_nat_rules_source_nat.png|border|class=tlt-border]]
-====New source NAT====
+===Add New Source NAT===
 ----
-The <b>New Source NAT</b> section is used to add custom source NAT rules. The figure below is an example of the New source NAT section and the table below provides information on the fields contained in that section:
+The <b>Add New Source NAT</b> section is used to create new source NAT rules.
-[[File:Networking_rutx_manual_firewall_traffic_rules_source_nat_new_source_nat_v1.png| border | class=tlt-border| 1102x1102px]]
+[[File:Networking_rutos_manual_firewall_nat_rules_add_new_source_nat.png|border|class=tlt-border]]
 <table class="nd-mantable">
@@ Line 541: / Line 549: @@
        	<td>Name</td>
         	<td>string; default: <b>none</b></td>
-        	<td>The name of the rule. This is used for easier management purposes.</td>
+        	<td>The name of the rule. Used only for easier management purposes.</td>
      </tr>
      <tr>
      	<td>Source zone</td>
-         <td>firewall zone; default: <b>LAN</b></td>
+         <td>firewall zone; default: <b>lan</b></td>
-         <td>The zone from which traffic has originated.</td>
+         <td>Matches traffic originated from the specified zone.</td>
      </tr>
      <tr>
-     	<td>Destination zone</td>
+     	<td>Destination Zone</td>
-         <td>firewall zone; default: <b>WAN</b></td>
+         <td>firewall zone; default: <b>wan</b></td>
-         <td>The zone to which traffic will be forwarded to.</td>
+         <td>Matches traffic destined for the specified zone.</td>
      </tr>
      <tr>
      	<td>To source IP</td>
-         <td>ip | do not rewrite; default: <b>Do not rewrite</b></td>
+         <td>ip | do not rewrite; default: <b>none</b></td>
-         <td>Changes the source IP in the packet header to the value specified in this field.</td>
+         <td>Changes the source IP address in the packet header to the value specified in this field.</td>
      </tr>
      <tr>
-     	<td>To source port</td>
+     	<td>To Source Port</td>
-         <td>integer [0..65335] | do not rewrite; default: <b>Do not rewrite</b></td>
+         <td>integer [0..65335] | do not rewrite; default: <b>none</b></td>
          <td>Changes the source port in the packet header to the value specified in this field.</td>
      </tr>
@@ Line 566: / Line 574: @@
      	<td>Add</td>
          <td>- (interactive button)</td>
-         <td>Creates the rule and redirects you to the rule's configuration page.</td>
+         <td>Creates the rule in accordance with the given parameter and redirects you to the rule's configuration page.</td>
      </tr>
 </table>