Brook Shiliew Cheap Zhi Meeting Nan mitmproxy client Network Activity Monitor iOS Old App Downloader SSH Terminal Server Dashboard 菜根谭 Socks5 Configurator IPvBar File Link Markdown Editor IP AI nami joker brook ipio nico z zoro hancock mad httpserver google hosts

Test the NAT type of the current network

2023-02-20

Nami needs to be installed

https://github.com/txthinking/nami

Install stuntman

nami install stuntman

One line command to test the NAT type of the current network

stunclient stun.stunprotocol.org --mode behavior

stunclient stun.stunprotocol.org --mode filtering

Why is the output not a string like Full Cone or Symmetric

You may often see NAT types like Full-cone NAT, Address-restricted-cone NAT, Port-restricted cone NAT, Symmetric NAT.

Many NAT implementations combine these types, so it is better to refer to specific individual NAT behavior instead of using the Cone/Symmetric terminology.

Go back to the output of the test command above, if you have to classify the above names:
Full Cone is Endpoint-Independent Mapping,Endpoint-Independent Filtering.
Symmetric is Address- and Port-Dependent Mapping, Address-Dependent Filtering or Address and Port-Dependent Filtering.

Which is better

  • Full-cone NAT: the simplest and loosest, the least secure.
  • Symmetric: the most complex and strict, the safest.
© TxThinking, Inc. All Rights Reserved.