Date:      Thu, 15 Mar 2007 14:25:48 +0200
From:      "Алексей Б." <lelik_b@bk.ru>
To:        freebsd-questions@freebsd.org
Subject:   ipnat. Mapping only specified port
Message-ID:  <45F93B4C.2010704@bk.ru>

I use the IPFilter firewall and I need to remap only packets with a specified 
port in the destination. Other traffic should not be remapped.

IPNAT(5) says the following:

Matching of packets has now been extended to allow more complex compares. In place of the address which is to be translated, an IP address and port number comparison can be made using the same expressions available with *ipf*.

I tried the following line in ipnat.rules:

map rl0 from 192.168.0.0/24 to any port=pop3 -> 0.0.0.0/32

But it didn’t help:

isrv# ipnat -CF -f /etc/ipnat.rules
0 entries flushed from NAT table
1 entries flushed from NAT list

isrv# ipnat -l
List of active MAP/Redirect filters:
map rl0 from 192.168.0.0/24 to any -> 0.0.0.0/32

List of active sessions:
isrv#

As you can see, the active filter didn’t contain the port I need.

How can I specify IP address and port number to be translated in ipnat.rules?

Or can I restrict NAT for all traffic to a specified network?




---
Alexey B.




Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?45F93B4C.2010704>