Westermo RedFox Series User Manual
Page 739
Westermo OS Management Guide
Version 4.17.0-0
Usage Add or delete a NAT rule.
❼ Add a NAPT NAT rule
These keywords are available for creating NAPT rules:
– ”type napt”. Select NAPT.
– ”out <IFNAME>”. Mandatory. The outbound interface used for NAPT.
Outgoing packets handled by this rule will appear to originate from
the IP number configured (the primary address) or acquired (DHCP)
for this interface.
– ”in <IFNAME>”. Optional. Specify that packets must arrive from
this interface for this rule to apply.
– ”src <ADDR[/LEN]>”. Optional. Specify that packets must origi-
nate from a specific IP subnet for this rule to apply.
– ”addfilter”. If set, an automatic (invisible) packet filter rule will be
created in the forward filtering chain allowing packets matching this
NAT rule. Do not set this option if you want to manage forwarding
rules yourself.
– ”passive”. Specify that this rule is created as inactive. It will be
shown in config but not used. To enable use ”passive” command,
see
– ”log”. Enables logging for traffic that matches this NAT rule. Noth-
ing will however be logged if logging is enabled here but disabled
under the common settings. See
❼ Add a 1-to-1 NAT rule
These keywords are available for creating 1-to-1 NAT rules:
– ”type 1-to-1”. Select 1-to-1 NAT.
– ”in <IFNAME>”. Mandatory. The inbound interface used for 1-to-1
NAT.
– ”dst <ADDR[/LEN]>”. Mandatory. Packets arriving on the inbound
interface and has the IP destination within this subnet will be NATed.
– ”to-dst <ADDR[/LEN]>”. Mandatory. The new destination IP net-
work for the NAT. Must be of exact same size as the ”dst” network.
– ”addfilter”. If set, automatic (invisible) packet filter rules will be
created in the forward filtering chain allowing packets matching this
➞ 2015 Westermo Teleindustri AB
739