Full cone NAT with source port translation sp si sp int TRUE ! np = NewPort Snat_fwd(h,np) d int TRUE Snat_fwd(h,s) d ext h.dstip==Ip(NAT) AND h.dstmac==Mac(NAT) Snat_rev(h,s.srcip,s.srcport) d Represents discrepancy of NAT dropping packet when the model thinks that there is state for it. Caused by inaccuracies and lack of sync in state expiration between model and NAT int TRUE Represents discrepancy of NAT dropping packet when the model thinks that there is state for it. Caused by inaccuracies and lack of sync in state expiration between model and NAT ext h.dstip==Ip(NAT) AND h.dstmac==Mac(NAT)