Am 26.08.15 um 03:43 schrieb Rafael Gava: > Hi, > > this is my first submission to the list and I hope that I'm doing in > the right way. :-) > Yes submitting patches to the list is the preferred way. I haven't looked in the patch yet. I am first trying to understand the goal of the patches. > > Well, the features added to Network Address Translator are: > > 1) Allow the user to use the string "localhost" on the client-nat > network configuration in a way that is not necessary to inform the IP > address beforehand. Openvpn will set the dynamic received IP from DHCP. > Example: > > client-nat snat localhost 255.255.255.255 172.20.1.15 # replaces the > 'localhost' string with the DHCP address received from openvpn server.
I am not sure what you trying to achieve here? Forward all packets intended for this host to another? > 2) Allow the user to enable the FTP NAT support through the > --enable-nat-ftp-support option. > This is useful for systems that don't have conntrack-tools support, > for example on Windows systems. On windows this feature is enabled by > default. > > enable-nat-ftp-support (yes | no) > Okay yes. Active FTP is broken by our simple nat implementation. But I think FTP, let alone active FTP is dead. I am not sure if we should support this in our simple NAT implementation. Arne
