:In the IP masquerading diagram given here
:in step 12 , how does the masq server determines , the packet is not for
:the linux server but for an internal masqued machine ?
:masquerading operation is just SNAT/DNAT operation isn't it ?
Whenever SNAT is set up for a connection, a corresponding DNAT is
automatically set up for the reply traffic.
SNAT 192.168.0.10:1060 -> 184.108.40.206:64000
DNAT 220.127.116.11:64000 -> 192.168.0.10:1060
And yes, there are typos in that linux-mag figure. There's a missing
"123" address component in the addresses in each of the green boxes.
Bob Nichols AT comcast.net I am "RNichols42"