Operation Manual

SFX SERIES USER’S GUIDE
Rev 2.2
Key      Description
Remove   Delete the selected (highlighted) row.
Up       If there is more than one row in the table, move the selected row up one row.
Down     If there is more than one row in the table, move the selected row down one row.
Source NAT
The Source Network Address Translation (SNAT) submenu is responsible for maintenance of source IP address
translation, which forms part of the IP packet Filtering Function in the receiver. This table defines up to 25 rules that
can be used to filter on various IP packet headers and perform a source address translation or masquerading function.
The rules in the Source NAT Table are applied to IP packets, typically independent of the network interface they
originated from.
Source NAT is done using options within the Linux iptables facility. More information on iptables can be obtained from
the manual or tutorial online at sites such as http://www.redhat.com. Additionally, you can contact IDC Customer
Service for a copy of the iptables tutorial (see Chapter 3). The iptables facility under Linux is extensive and complex,
and Source NAT is only one part of this facility. The Source NAT submenu is intended to make configuration of this
function more user-friendly.
Source NAT of incoming IP packets is performed by the receiver according to the following rules:
1. IP packets can originate from any of the available network interfaces and are processed by the receiver in
accordance with the data flow in Figure 2-12.
2. Up to 25 rules can be maintained by the Source NAT table. Rules are executed from the first rule to the last
rule, in sequence. Order matters; the first rule that is applicable to the incoming packet is applied.
Subsequent rules are ignored.
3. Packets can be filtered by Source IP Address/Port or Destination IP Address/Port, or both. Ports can only be
specified if UDP or TCP protocols are selected.
4. Two types of actions can be taken on the incoming packet where a rule applies:
   a. Source Network Address Translation (SNAT) – the source IP address/port on the incoming packet
      is replaced with a new source address/port, as specified in the rule; or
   b. Masquerading (MASQ) – the source IP address on the incoming packet is replaced with the IP
      address of the network interface of the receiver, which will be used to output the packet onto the
      LAN (e.g. NET1/eth0 IP address if the packet is going out the NET1/eth0 interface).
5. Provision is made in the rule table for additional iptables options, allowing for maximum flexibility. However,
extreme care should be taken when using additional options, and the iptables manual must be consulted in
this case. (One example of an option usage could be to specify a source network interface for the incoming
packets.)
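Added example, not part of the guide or the receiver's software: a sketch that checks a rule table against the constraints listed above, renders each row as a standard iptables command, and shows why rule order matters. The Rule fields, the sample addresses and the use of the nat table's POSTROUTING chain are assumptions; the guide does not state how the receiver builds its iptables rules.

```python
import ipaddress
from dataclasses import dataclass

@dataclass
class Rule:  # hypothetical model of one Source NAT table row
    action: str             # "SNAT" or "MASQ"
    proto: str = "all"      # "tcp", "udp" or "all"
    src: str = "0.0.0.0/0"
    dst: str = "0.0.0.0/0"
    sport: int = 0          # 0 = any port
    dport: int = 0
    to_source: str = ""     # new source address[:port], SNAT only
    extra: str = ""         # additional iptables options, passed through

def validate(rules):
    if len(rules) > 25:  # table size stated in the guide
        raise ValueError("table holds at most 25 rules")
    for n, r in enumerate(rules, 1):
        if (r.sport or r.dport) and r.proto not in ("tcp", "udp"):
            raise ValueError(f"rule {n}: ports require tcp or udp")
        if r.action == "SNAT" and not r.to_source:
            raise ValueError(f"rule {n}: SNAT needs a new source address")

def to_iptables(r):
    # Assumption: rules are appended to the nat table's POSTROUTING chain.
    cmd = ["iptables", "-t", "nat", "-A", "POSTROUTING", "-s", r.src, "-d", r.dst]
    if r.proto != "all":
        cmd += ["-p", r.proto]
    for flag, port in (("--sport", r.sport), ("--dport", r.dport)):
        if port:
            cmd += [flag, str(port)]
    cmd += r.extra.split()
    cmd += ["-j", "SNAT", "--to-source", r.to_source] if r.action == "SNAT" else ["-j", "MASQUERADE"]
    return " ".join(cmd)

def first_match(rules, pkt):
    # First applicable rule wins; the free-form extra options are not modelled here.
    for r in rules:
        if (r.proto in ("all", pkt["proto"])
                and ipaddress.ip_address(pkt["src"]) in ipaddress.ip_network(r.src)
                and ipaddress.ip_address(pkt["dst"]) in ipaddress.ip_network(r.dst)
                and r.sport in (0, pkt.get("sport", 0)) and r.dport in (0, pkt.get("dport", 0))):
            return r
    return None

# Constructed sample table and packet (not taken from the guide).
TABLE = [Rule("SNAT", "udp", src="10.1.1.0/24", dport=5004, to_source="192.0.2.10"),
         Rule("MASQ", extra="-o eth0")]
PKT = {"proto": "udp", "src": "10.1.1.7", "dst": "10.2.2.2", "dport": 5004}
```

With the table in this order the sample packet is translated by the specific SNAT rule; if the catch-all MASQ row is moved to the top, it shadows the SNAT row and the packet is masqueraded instead.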
When the Source NAT submenu item is selected under Data Delivery, the Source NAT Table page is displayed for all
applicable source address translation rules. A sample Source NAT Table page is shown in Figure 2-27.