Systems and methods are described for using network address translation (NAT) for implementation of stateful routing. A firewall (or firewall server) filters communications between a first host and a second host at a firewall socket layer. Destination addresses for data packets coming into the firewall are translated to an internal (socket) address of the firewall. Source addresses for data packets sent from the firewall are translated to an address of the sending host. As a result, the receiving host sees the data packets as coming from the sending host. Translation rules applied during the communications are stored in a rules module and are applied to all packets having a particular source and a particular destination.