Daniel,
I agree with the rest of your post, however
Since NAPT uses stateful inspection to operate,
I think I don't agree with this. I would say that NAPT is a stateful
process but not that it uses inspection. By "inspection" I understand a
more intelligent process that decapsulates packets and looks for "bad"
things inside them, which is a separate function.
In other words, there is a difference between 'stateful' and 'stateful
inspection'. 'Stateful' is a feature of both NAPT boxes and firewalls;
'stateful inspection' is a feature of more sophisticated firewalls only;
if you happen to find a NAPT box that does stateful inspection (the $50
ones don't) it could indeed be called a firewall.
Michel.