| Server IP : 13.213.54.232 / Your IP : 216.73.216.72 Web Server : Apache/2.4.52 (Ubuntu) System : Linux ip-172-31-17-110 6.8.0-1029-aws #31~22.04.1-Ubuntu SMP Thu Apr 24 21:16:18 UTC 2025 x86_64 User : www-data ( 33) PHP Version : 7.1.33-67+ubuntu22.04.1+deb.sury.org+1 Disable Function : pcntl_alarm,pcntl_fork,pcntl_waitpid,pcntl_wait,pcntl_wifexited,pcntl_wifstopped,pcntl_wifsignaled,pcntl_wifcontinued,pcntl_wexitstatus,pcntl_wtermsig,pcntl_wstopsig,pcntl_signal,pcntl_signal_get_handler,pcntl_signal_dispatch,pcntl_get_last_error,pcntl_strerror,pcntl_sigprocmask,pcntl_sigwaitinfo,pcntl_sigtimedwait,pcntl_exec,pcntl_getpriority,pcntl_setpriority,pcntl_async_signals, MySQL : OFF | cURL : ON | WGET : ON | Perl : ON | Python : OFF | Sudo : ON | Pkexec : ON Directory : /proc/thread-self/root/usr/share/doc/iptables/html/ |
Upload File : |
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2 Final//EN"> <HTML> <HEAD> <META NAME="GENERATOR" CONTENT="LinuxDoc-Tools 0.9.82"> <meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1"> <TITLE>Linux 2.4 NAT HOWTO: Caveats on NAT</TITLE> <LINK HREF="NAT-HOWTO-9.html" REL=next> <LINK HREF="NAT-HOWTO-7.html" REL=previous> <LINK HREF="NAT-HOWTO.html#toc8" REL=contents> </HEAD> <BODY> <A HREF="NAT-HOWTO-9.html">Next</A> <A HREF="NAT-HOWTO-7.html">Previous</A> <A HREF="NAT-HOWTO.html#toc8">Contents</A> <HR> <H2><A NAME="s8">8.</A> <A HREF="NAT-HOWTO.html#toc8">Caveats on NAT</A></H2> <P>If you are doing NAT on a connection, all packets passing <B>both</B> ways (in and out of the network) must pass through the NAT'ed box, otherwise it won't work reliably. In particular, the connection tracking code reassembles fragments, which means that not only will connection tracking not be reliable, but your packets may not get through at all, as fragments will be withheld.</P> <HR> <A HREF="NAT-HOWTO-9.html">Next</A> <A HREF="NAT-HOWTO-7.html">Previous</A> <A HREF="NAT-HOWTO.html#toc8">Contents</A> </BODY> </HTML>