Commonly known under a variety of names, SNAT, masquerading or Many-To-One NAT can be part of a solution to protect

Masquerading for connections or traffic initiated from inside a network. Consider reading Chapter 5, Network Address Translation (NAT) for details on handling inbound traffic or connections.

Masquerading has been supported under the linux kernel since before kernel 2.0. The technique of masquerading