SnapGear 2.0.1 User Manual

Page 82

background image

Firewall

78

Source Address

The address from which the request originated (for
port forwarding you may specify this to restrict the
internal service to be only accessible from a specific
remote location)

Destination Address

The destination address of the request, this is the
address that will be altered

Destination Services

The destination service(s) (port(s)) of the request,
many public ports may be forwarded to a single
internal port

The next two fields describe how matching packets should be altered.

To Destination Address

The address to replace the Destination Address
(for port forwarding this will typically be the private
address of an internal machine)

To Destination Service

The address to replace Destination Services, this
need not be the same as the Destination Service
used to match the packet, but often will be

Generally leave Create a corresponding ACCEPT firewall rule checked unless you
want to manually create a more restrictive filter rule through Rules.

Source NAT

Source NAT alters the source address and optionally the source port of packets received
by the CyberGuard SG appliance. This is typically used for masquerading.

You can use the Source NAT functionality of Packet Filtering to tweak your CyberGuard
SG appliance’s masquerading behaviour.

See the Advanced section of the chapter entitled Network Connections for information on
configuring the basic masquerading (Source NAT) relationships between your
CyberGuard SG appliance’s interfaces.

Enable

Uncheck to temporarily disable this rule

Descriptive Name

An arbitrary name for this rule

This rule will be applied to packets that match the critera described by the next four fields.