S R A / S F X 2 1 0 0 S E R I E S S A T E L L I T E R E C E I V E R
76
Destination NAT
The Destination Network Address Translation (DNAT) submenu is responsible for
maintenance of destination IP address translation, which forms part of the IP packet
Filtering Function in the receiver. This table defines up to 25 rules that can be used to filter
on various IP packet headers and perform a destination address translation. The rules in
the Destination NAT Table are applied on incoming IP data, typically independent of the
network interface the packet originated from.
Destination NAT is done using options within the Linux
iptables
facility. More information
on
iptables
can be obtained from the manual or tutorial online at sites such as
http://www.redhat.com
.
Additionally, you can contact IDC Customer Service for a copy of
the
iptables
tutorial (see Chapter 5). The
iptables
facility under Linux is extensive and
complex; and Destination NAT is only one part of this facility. The Destination NAT
submenu is intended to make configuration of this function more user friendly.
Destination NAT of incoming IP packets is performed by the receiver according to the
following rules:
1. IP packets can originate from any of the available network interfaces and are
processed by the receiver in accordance with the data flow in Figure 4-9.
2. Up to 25 rules can be maintained by the Destination NAT table. Rules are
executed from the first rule to the last rule, in sequence. Order matters; the first
rule that is applicable to the incoming packet is applied. Subsequent rules after
that are ignored.
3. If there is no applicable rule in the Destination NAT table, the default rule is applied
to the incoming packet.
4. Packets can be filtered by Source IP Address/Port or Destination IP Address/Port,
or both. Ports can only be specified if UDP or TCP protocols are selected.
5. Where a rule applies to a packet, Destination Network Address Translation (DNAT)
will be performed every time – the destination IP address/port on the incoming
packet is replaced with a new destination address/port, as specified in the rule.
6. Provision is made in the rule table for additional
iptables
options, allowing for
maximum flexibility. However, extreme care should be taken when using additional
options, and the
iptables
manual must be consulted in this case. (One example of
an option usage could be to specify a source network interface for the incoming
packets.)
When the Destination NAT submenu item is selected under Data Delivery, the Destination
NAT Table page is displayed for all applicable destination address translation rules. A
sample Destination NAT Table page is shown in Figure 4-26. (One example of an option
usage could be to specify a source network interface for the incoming packets.)
Содержание SuperFlex SFX2100 Series
Страница 1: ...User s Guide SRA SFX2100 Series Satellite Receiver Appliance...
Страница 12: ...S R A S F X 2 1 0 0 S E R I E S S A T E L L I T E R E C E I V E R 6 This page is intentionally left blank...
Страница 140: ...S R A S F X 2 1 0 0 S E R I E S S A T E L L I T E R E C E I V E R 134 This page is intentionally left blank...
Страница 146: ...S R A S F X 2 1 0 0 S E R I E S S A T E L L I T E R E C E I V E R 140 This page is intentionally left blank...
Страница 152: ...S R A S F X 2 1 0 0 S E R I E S S A T E L L I T E R E C E I V E R 146 This page intentionally left blank...
Страница 158: ...S R A S F X 2 1 0 0 S E R I E S S A T E L L I T E R E C E I V E R 152 This page intentionally left blank...
Страница 172: ...S R A S F X 2 1 0 0 S E R I E S S A T E L L I T E R E C E I V E R 166 This page is intentionally left blank...
Страница 180: ...S R A S F X 2 1 0 0 S E R I E S S A T E L L I T E R E C E I V E R 174 This page is intentionally left blank...
