6.2. Inbound NAT

Inbound NAT allows you to open up TCP and/or UDP ports or port ranges to hosts on networks protected by SmallWall. You may need to open ports to allow certain NAT-unfriendly applications and protocols to function properly. Also if you run any services or applications that require inbound connections to a machine on your internal network, you will need inbound NAT.

Inbound traffic is incoming data that arrives on the selected SmallWall NAT interface that has not already travelled through the SmallWall itself. For example, inbound traffic on the WAN interface coming directly from the Internet can have inbound rules applied to it but traffic from the LAN network that goes through the WAN interface cannot have inbound rules applied because that traffic had to pass through the SmallWall to arrive at the WAN interface.


It is not possible to access NATed services using the WAN IP address from within LAN or an optional network. (Port reflection) Only external traffic incoming on the selected interface will have Inbound NAT rules applied to it. One way around this is to put the internal IP address in the DNS forwarder under the external domain name.