Is there a way to remove one of more but not clear all NAT Translation Table entries such as through SNMP or the CLI or perhaps through other tools such as cnMaestro I haven’t come across yet? I started looking for a way to do this working with firewall gear in my backbone but haven’t come across anything yet.
Also, I was wondering, if there is a quick way to grab without using some type of screen scraping the entire NAT Translation Table with the same information as in the GUI under Logs->NAT Table. I see in SNMP a table from the WHISP-SM-MIB file for protocol, port, localip and extPort that I assume correlate but I am not at this point seeing where through using SNMP I could get access to information on the other columns available in the GUI.
Finally, I would like some clarity concerning NAT implementations as it seems and likely for good reasons many have moved away from early RFC or other attempts at standards for how to implement NAT. If there is not a standard that works well, if I were building a NAT Translation Table at request from a client to use a protocol like TCP I would have the NAT router attempt to start a session and if the router could not start a session I would not add an entry in the table and inform the client a session could not be started or perhaps I would have it marked as not established yet with a much shorter timeout than established TCP sessions if I had to have a limit of max entries in the table. As I understand it, to not do so allows an obvious attack of routers using NAT from the LAN side easily filling up NAT Translation Tables. If information about how Cambium implemented NAT could be clarified and also if it could be clarified if they could consider other options that would be helpful.