[Semibug] Is a NAT router also a Service Proxy Firewall?

Jonathan Drews jondrews at fastmail.com
Thu Sep 22 06:32:44 EDT 2022

On Thu, Sep 22, 2022 at 05:55:32AM -0400, Kyle Willett wrote:
> Hi Jonathan,
> I would say that yes, NAT also serves as a firewall in some sense.  An
> agent on the Internet can not access a devices using NAT without port
> forwarding so in effect the NAT is serving as a firewall.  For
> example, I can not access via SSH my Linux and BSD laptops even if
> they are running sshd at home over another computer on the Internet.
> This is one of two reasons it is so hard to host your own server at
> home!
> Also, I will disclaimer this: I just have a masters degree in IT and
> am not a network expert nor a BSD expert, nor a Linux expert, so take
> what I say with a grain of salt!

Thanks Kyle:

 That's what I wanted to know. Even if somehow they could get past the
NAT, they would have to get through my host based firewall that uses
PF. So I think I am pretty secure. 

I'm reading up on all this stuff to be ready for Peter Hansteens talk
this Sunday. It's going to be good.

Kind regards,

More information about the Semibug mailing list