In the eRacks/NAT Firewall, Is NAT used for incoming or outgoing traffic?
NAT is generally used for outgoing traffic only. Incoming traffic is usually accomplished by simple port-forwarding, with certain types (fragmented, for example) of traffic filtered out. Although ports can be forwarded to other internal IP addresses, this isn’t generally referred to as NAT, which includes port-remapping as well as forwarding. For example, a typical set of firewall rules would only allow HTTP (port 80), HTTPS (port 443), and SSH (port 22) traffic to pass to the internal network’s servers, and reject (or drop) all other traffic, thus securing the site against intruders.