假?你的 WAN IP ? 211.20.88.1/29 (固定八? IP), 211.20.88.1 已?定? m0n0wall WAN IP, 若欲做 1:1 NAT 之 IP ? 211.20.88.2 -> 192.168.1.21.Services -> Proxy ARP 新增一? 211.20.88.22.Firewall -> NAT -> 1:1 新增一? External subnet: 211.20.88.2/32, Internal subnet: 192.168.1.23.Firewall -> Rules -> 新增一? Source=any, Source Port=any, Destination=192.168.1.2, Destination port = any.done.注意: 步?三?造成 security risk, 不建?如此做, 你可以根?欲?放的 protocol ?定.
PCTONE看来是把MONOWALL的手册认真仔细的看了一遍啦~~~~精神可嘉!希望大家都象PCTONE一样,先把手册看明白~~~ ?才看了 1.2b8 release note:auto-add proxy ARP option for new 1:1 NAT mappings 所以新版已?自??你加入一? proxy ARP 了. 我也看见了,方便! 不明白为什么要这么做,想要开放哪些端口就映射好了。 QUOTE (张浩峰 @ May 31 2005, 06:39 AM)
不明白为什么要这么做,想要开放哪些端口就映射好了。
?你 WAN PORT 有多? IP ?, 要同?提供二?以上相同的 Service, e.g.,?? ftp server. 就需要??做. 原帖由 pctone 于 2005-5-29 08:39 PM 发表
?才看了 1.2b8 release note:auto-add proxy ARP option for new 1:1 NAT mappings 所以新版已?自??你加入一? proxy ARP 了.
NAT maps an internal IP to external IP, generally mapping a public IP address to a private IP address and vice versa. When you assign a 1:1 NAT mapping, any traffic coming from that host to the Internet will be NAT'ed to the defined external IP, and any traffic coming into the external IP will be NAT'ed and passed to the internal IP if firewall rules permit. (by default, the firewall rules do not allow any inbound traffic to 1:1 NAT mappings)
;P 如果有更多的外网IP同时影射到同一个内网IP如何做? 如上例
2.Firewall -> NAT -> 1:1 新增一? External subnet: 211.20.88.2/32, Internal subnet: 192.168.1.2
外网变,内网IP不变不就可以了么
页:
[1]