Re: Setup of different types of NAT

I want to know *how to* set up these types of NAT:
- Full Cone NAT
- Restricted Cone NAT
- Port Restricted Cone NAT
- Symmetric NAT

Again? I thought I already answered the last time you asked.
I couldn't solve the problem with the help you gave, so I had to try it once again. Besides, the last time I talked about types of NAT some people said it was possible to create those NATs, others said it was impossible, but no one told *how to* implement any kind of NAT.

Using iptables, I set all policies to "ACCEPT" and I was able to set up two kinds of NAT: (192.168.2.170 is my "public" address and 10.0.0.1 is my "private" address)
[...]
- "Port Restricted Cone NAT", with just a single rule:
iptables -t nat -A POSTROUTING -o eth0 -j SNAT --to-source 192.168.2.170

This is "symmetric NAT", not "restricted cone NAT".
At least with the version of Iptables I have (1.3.0), all STUN clients I tried told me that it was a "Port Restricted Cone NAT"


Now does anyone know how to set up Restricted Cone NAT and Symmetric NAT?

AFAIK, you cannot do "restricted cone NAT" nor "port restricted cone NAT" with the stock Netfilter/iptables. It would require dedicated conntrack and NAT helper modules.
At least with the version of Iptables I have (1.3.0), I can implement "Port Restricted Cone NAT" with just one rule and I can implement a "hardcoded" "Restricted Cone NAT" (I say it's hardcoded because it only works for one host behind NAT).

So, as you can see, we disagree in our opinions.
However, if you want to test your NAT types with STUN, I recommend JSTUN's client (http://jstun.javawi.de/).

Best Regards
Pedro
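
The four NAT types named in this thread differ in how outgoing packets are mapped and which incoming packets are forwarded. The following is an added example, not code from either poster and not iptables configuration: a small model of the four behaviours as RFC 3489 defines them, classified with the probe sequence a STUN client uses. The STUN server addresses, ports and port pool are constructed values.

```python
from dataclasses import dataclass, field

FULL, RESTRICTED, PORT_RESTRICTED, SYMMETRIC = (
    "full cone", "restricted cone", "port restricted cone", "symmetric")

@dataclass
class Nat:
    kind: str
    public_ip: str = "192.168.2.170"            # "public" address from the thread
    next_port: int = 40000                      # constructed port pool
    maps: dict = field(default_factory=dict)    # mapping key -> public port
    sent: dict = field(default_factory=dict)    # public port -> contacted (ip, port)

    def outbound(self, src, dst):
        """Translate an outgoing UDP packet; return the address the remote sees."""
        # Symmetric: one mapping per (internal endpoint, destination).
        # Cone types: one mapping per internal endpoint, reused for every destination.
        key = (src, dst) if self.kind == SYMMETRIC else src
        port = self.maps.setdefault(key, self.next_port)
        if port == self.next_port:              # a new mapping was just allocated
            self.next_port += 1
        self.sent.setdefault(port, set()).add(dst)
        return (self.public_ip, port)

    def inbound(self, remote, public_port):
        """Return True if a packet from `remote` to `public_port` is forwarded inside."""
        contacted = self.sent.get(public_port)
        if contacted is None:
            return False                        # no mapping on that port
        if self.kind == FULL:
            return True                         # any remote may use the mapping
        if self.kind == RESTRICTED:
            return remote[0] in {ip for ip, _ in contacted}   # remote IP must match
        return remote in contacted              # remote IP and port must match

def classify(nat):
    """RFC 3489-style probe sequence against a constructed two-address STUN server."""
    client = ("10.0.0.1", 5000)                 # "private" address from the thread
    ip1, ip2, p1, p2 = "198.51.100.1", "198.51.100.2", 3478, 3479
    mapped = nat.outbound(client, (ip1, p1))    # Test I
    if nat.inbound((ip2, p2), mapped[1]):       # Test II: reply from other IP and port
        return FULL
    if nat.outbound(client, (ip2, p2)) != mapped:   # Test I to the other address
        return SYMMETRIC
    if nat.inbound((ip1, p2), mapped[1]):       # Test III: same IP, other port
        return RESTRICTED
    return PORT_RESTRICTED
```
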

