View Single Post
  #3   (View Single Post)  
Old 10th February 2010
jggimi's Avatar
jggimi jggimi is offline
More noise than signal
 
Join Date: May 2008
Location: USA
Posts: 6,180
Default

Knowing nothing about your ST780WL, and, that your environment is configured with NAT before reaching the OpenBSD box -- you will not normally see incoming packets to your public Internet IP address on your OpenBSD platform, unless a state has been previously established -from- your OpenBSD platform.

NAT routers can be set to forward inbound traffic to specific UDP and TCP ports, or forward specific protocols that do not have ports, and some can also forward all traffic, using a feature typically called "DMZ", though the name and capabilities offered vary from one NAT device to another, depending on vendor.

Otherwise, all you've proved is that simple stateful NAT, offered by thousands of diferent off-the-shelf devices, provides intrinsic "firewall"-like capability, which is one of its basic value propositions.
Reply With Quote