Thank you for creating the project! Oddly enough I came across fck-nat last week and have been looking into incorporating it into my project app to avoid paying the $30+ per month for the managed solution.
As someone who is new to setting up VPCs and networking, how does this work? I was so curious I even tried to query ChatGPT about it a couple of days ago but I got a less than satisfactory answer.
Is the secret to making it work disabling the "source destination check"? Say a host in the private subnet wants to connect to a host on the internet, it tries to connect to <PublicIP>, and sends some IP packets over the subnet via the ENI, does the VPC subnet act like an old-school Ethernet connection where fck-nat gets the IP packets for <PublicIP> (source/dest is disabled so it receives the packets) and then it forwards it to the internet gateway and does the network address translations when it receives a response packet?
From the VPC perspective, the key here is understanding that subnets within VPCs have route tables that determine where traffic from your subnet goes next. In this case, traffic to the internet is sent to an interface on the NAT instance.
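The packet path discussed in this thread, as an added illustration that is not part of the original posts and is not fck-nat's code: a simplified Python model of the private subnet's route lookup, the ENI source/destination check, and source NAT with a connection table. The route table, addresses, ports and the `eni-nat` target name are constructed sample values.

```python
import ipaddress

# Constructed sample values (assumptions, not taken from the thread).
PRIVATE_RT = {"10.0.0.0/16": "local", "0.0.0.0/0": "eni-nat"}  # private subnet route table
NAT_ENI_IP = "10.0.0.10"                                       # NAT instance's private IP

def next_hop(route_table, dst):
    """Longest-prefix match: the most specific route covering dst picks the target."""
    addr = ipaddress.ip_address(dst)
    matches = [ipaddress.ip_network(c) for c in route_table
               if addr in ipaddress.ip_network(c)]
    best = max(matches, key=lambda n: n.prefixlen)
    return route_table[str(best)]

def eni_accepts(eni_ip, src, dst, src_dst_check):
    """With the check on, an ENI only passes traffic it is the source or destination of."""
    return (not src_dst_check) or eni_ip in (src, dst)

class NatInstance:
    """Minimal source NAT keyed by translated port and remote endpoint."""
    def __init__(self, ip, first_port=40000):
        self.ip, self.next_port, self.table = ip, first_port, {}

    def outbound(self, src, sport, dst, dport):
        port = self.next_port
        self.next_port += 1
        self.table[(port, dst, dport)] = (src, sport)  # remember who to map replies to
        return (self.ip, port, dst, dport)             # packet now carries the NAT's address

    def inbound(self, src, sport, dst, dport):
        # A reply is addressed to the NAT's IP and port; unknown flows are dropped.
        orig = self.table.get((dport, src, sport))
        return None if orig is None else (src, sport, orig[0], orig[1])

def send(src, sport, dst, dport, nat, src_dst_check):
    """Trace one packet from a private host; returns what leaves the NAT, or None."""
    if next_hop(PRIVATE_RT, dst) != "eni-nat":
        return None  # destination is inside the VPC, the NAT never sees it
    if not eni_accepts(nat.ip, src, dst, src_dst_check):
        return None  # dropped at the ENI: the instance is neither source nor destination
    return nat.outbound(src, sport, dst, dport)
```

The model stops at the NAT instance; in a real VPC the translated packet then follows the NAT instance's own subnet route table to the internet gateway.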