> NAT per se does not prevent an outside host from connecting to a host on your local network. ...

deng • last Saturday at 11:33 AM • 1 reply • view on HN

> NAT per se does not prevent an outside host from connecting to a host on your local network.

Yep, and a firewall per se does not prevent an outside host from connecting to a host on your local network. You can bang your head all day long, the side effect of NAT is to only allow incoming traffic that refers to an established connection that was initiated from the local network. How is this different from a firewall that does

Allow established, related

Allow outbound

Deny inbound

Replies

Dagger2 • last Saturday at 3:41 PM

No, the side effect of NAT is that outbound connections made from your network look like they come from the router's WAN IP. It doesn't filter incoming traffic.

If it did then you might have a point, but since it doesn't it's very different from a firewall that's configured to do that.

➕ show 1 reply

alt Hacker News

Replies