This program will listen on the specified PORT for incoming requests to test a peer's network connectivity. Incoming requests can ask it to connect to a given IPv4 address (and port) using TCP or UDP and to send a 2-byte test message using the specified address. The program can also be asked to send a "fake" ICMP response message to a given IPv4 address (for autonomous NAT traversal --- see the description in the respective research paper).
The idea is that gnunet-nat-server will be run on some trusted hosts with unrestricted connectivity to allow GNUnet users to test their network configuration. As written, the code allows any user on the Internet to cause the gnunet-nat-server to send 2-bytes of arbitrary data to any TCP or UDP port at any address. We believe that this is generally harmless.
When running gnunet-nat-server, make sure to use a configuration that disables most NAT options but enables 'enable_nat_client' and sets 'internal_address' to the global IP address of your local host. Also, the gnunet-helper-nat-client should be installed locally and run with root privileges (SUID), otherwise the gnunet-nat-server will not work properly.
Note that gnunet-nat-server could be run via gnunet-arm but typically is not. Also, the name of the host and port that gnunet-nat-server is run on should be specified in the NATSERVER option in the [setup] section of the configuration file of hosts that are supposed to autoconfigure with this server.
Normal GNUnet end-users should not concern themselves with gnunet-nat-server. In fact, distributions are encouraged to consider not shipping it at all.
The options are as follows:
The full documentation for gnunet is maintained as a Texinfo manual. If the info(1) and gnunet programs are properly installed at your site, the command
info gnunet
should give you access to the complete handbook,
info gnunet-c-tutorial
will give you access to a tutorial for developers.
Depending on your installation, this information is also available in gnunet(7)and gnunet-c-tutorial7.