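When an internal host initiates an outbound connection session, a public/private address pair is created. Once this address pair exists, a full cone NAT accepts any subsequent traffic sent to that public port address from any external port. For this reason, a full cone NAT is sometimes called a "promiscuous" NAT.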
Restricted cone NAT
A restricted cone NAT only forwards an incoming packet directed to a public port if its external (source) IP address matches the address of a node to which the internal host has previously sent one or more outgoing packets. A restricted cone NAT effectively refines the firewall principle of rejecting unsolicited incoming traffic, by restricting incoming traffic to a set of "known" external IP addresses.
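The two inbound filtering rules described above (full cone and restricted cone) can be compared side by side in a small model. This is an added example, not code from the original page; the class name `ConeNat`, the port pool start and all addresses (documentation ranges) are constructed for illustration.

```python
# Added example: toy model of the inbound filtering rule of full cone vs.
# restricted cone NAT. Class name, addresses and ports are constructed.
from dataclasses import dataclass, field


@dataclass
class ConeNat:
    public_ip: str
    restricted: bool = False          # False = full cone, True = restricted cone
    next_port: int = 40000            # assumed start of the public port pool
    out_map: dict = field(default_factory=dict)    # (priv_ip, priv_port) -> public port
    in_map: dict = field(default_factory=dict)     # public port -> (priv_ip, priv_port)
    contacted: dict = field(default_factory=dict)  # public port -> external IPs sent to

    def outbound(self, priv_ip, priv_port, dst_ip, dst_port):
        """Internal host sends a packet; create or reuse the address pair."""
        key = (priv_ip, priv_port)
        if key not in self.out_map:
            self.out_map[key] = self.next_port
            self.in_map[self.next_port] = key
            self.next_port += 1
        pub_port = self.out_map[key]
        self.contacted.setdefault(pub_port, set()).add(dst_ip)
        return (self.public_ip, pub_port)

    def inbound(self, src_ip, src_port, pub_port):
        """Return the internal (ip, port) to forward to, or None if dropped."""
        target = self.in_map.get(pub_port)
        if target is None:
            return None                      # no mapping: unsolicited, dropped
        if self.restricted and src_ip not in self.contacted[pub_port]:
            return None                      # source IP never contacted: dropped
        return target                        # source port is not checked


def demo():
    results = {}
    for name, restricted in (("full", False), ("restricted", True)):
        nat = ConeNat("203.0.113.1", restricted=restricted)
        _, port = nat.outbound("10.0.0.5", 5000, "198.51.100.7", 80)
        results[name] = (
            nat.inbound("198.51.100.7", 9999, port),   # known IP, other port
            nat.inbound("192.0.2.99", 80, port),       # unknown IP
        )
    return results


if __name__ == "__main__":
    print(demo())
```

In the model, the full cone NAT forwards both inbound packets to the internal host, while the restricted cone NAT forwards only the one whose source IP the host has already sent traffic to.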
Restricted cone NAT