Annotation of src/share/ipf/nat.1, Revision 1.5
1.5 ! aaron 1: Example NAT Rules
! 2:
! 3: # Scenario: Two network interfaces; one connected to internal 192.168.0.XXX
! 4: # network, other connected externally to the Internet. Suppose the internal
! 5: # interface is named ep1 and the external interface is named xl0. The
! 6: # following mapping will provide the internal network with Internet
! 7: # connectivity for tcp/udp traffic (note the ep1 name is not used; instead
! 8: # its network address is used):
! 9: map xl0 192.168.0.0/24 -> xl0/32 portmap tcp/udp 10000:20000
1.4 kstailey 10:
1.2 kstailey 11: # map all tcp connections from network 10 to the address of the first ppp0
1.3 kstailey 12: # interface (which can be dynamically assigned prior to use of ipnat)
1.2 kstailey 13: map ppp0 10.0.0.0/8 -> ppp0/32 portmap tcp/udp 10000:20000
1.3 kstailey 14:
15: # map all tcp connections from network 10 into addresses of network 240.1.0
16: map ppp0 10.0.0.0/8 -> 240.1.0.0/24 portmap tcp/udp 10000:60000
1.2 kstailey 17:
1.1 dm 18: # map all tcp connections from 10.1.0.0/16 to 240.1.0.1, changing the source
19: # port number to something between 10,000 and 20,000 inclusive. For all other
20: # IP packets, allocate an IP # between 240.1.0.0 and 240.1.0.255, temporarily
21: # for each new user.
22: #
23: map ed1 10.1.0.0/16 -> 240.1.0.1/32 portmap tcp 10000:20000
24: map ed1 10.1.0.0/16 -> 240.1.0.0/24
25: #
26: # Redirection is triggered for input packets.
27: # For example, to redirect FTP connections through this box, to the local ftp
28: # port, forcing them to connect through a proxy, you would use:
29: #
30: rdr ed0 0.0.0.0/0 port ftp -> 127.0.0.1 port ftp
31: #
![[BACK]](/icons/back.gif){kind=icon}
Return to nat.1 CVS log ![[TXT]](/icons/text.gif){kind=icon}
![[DIR]](/icons/dir.gif){kind=icon}
Up to [local] / src / share / ipf