On Fri, Jun 21, 2002 at 05:14:07PM -0400, Jan Harkes wrote:
> Or set up a static mapping like you suggest, although in that case you
> can only have a single client behind the firewall. If you set
> 'masquerade=0' in venus.conf the client will always send packets from
> udp port 2430 to 2432 on the server, and the sideeffect (file) transfers
> will go between 2431 on the client and 2433 on the server.

You could also set up a static mapping and still use masquerade=1.

Source NAT any outgoing packets to 2432/udp, i.e. allow outgoing packets
from the client, but rewrite the source address as if it came from the
firewall. And add destination NAT for all incoming packets coming from
port 2432/udp, i.e. rewrite the destination address to match that of the
Coda client. Do the same for 370/udp and clog should work as well.

Jan