The secondary function of a firewall is to modify the packets passing through the firewall. This is called Network address translation (NAT), as the modifications usually applies to either sender or receiver information contained in the packets. NAT can for example be used to allow machines without a public addressable Internet protocol (IP) number, to access the Internet through a firewall, by using the IP-number of the firewall as the sender identification. This is also called ip masquerading, as it disguises the address of the machines behind the firewall.
Anders Peter Fugmann 2011-03-20