SnapGear 2.0.1 User Manual

Firewall

79

Source Address

The address from which the request originated (for
masquerading this will typically be a private LAN or
DMZ address)

Outgoing Interface

The interface that receives the request (for
masquerading this will typically be private interface,
i.e. LAN or DMZ)

Destination Address

The destination address of the request

Destination Services

The destination service(s) (port(s)) of the request

The next two fields describe how matching packets should be altered.

To Source Address

The address to replace the Source Address (for
masquerading this will typically be a public address
of the CyberGuard SG appliance, i.e.
WAN/Internet)

To Source Service

The service to replace Source Services, this need
not be the same as the Source Service used to
match the packet, but often will be

1-to-1 NAT

This creates both a Source NAT and Destination NAT rule for mapping an all services on
an internal, private address to an external, public address.

Enable

Uncheck to temporarily disable this rule

Descriptive Name

An arbitrary name for this rule

The public network is on

Select the interface on which the public address
resides, this will typically be WAN/Internet or DMZ

Change private address

The private address to change

Into public address

The public address, typically a WAN interface alias

Leave Create a corresponding ACCEPT firewall rule checked to create a virtual DMZ
type scenario, where the machine at the private address will be effectively unfirewalled.