ipnat. Mapping only specified port
lelik_b at bk.ru
Thu Mar 15 12:44:42 UTC 2007
I use the IPFilter firewall and I need to remap only packets with a specified
port in the destination. Other traffic should not be remapped.
IPNAT(5) says the following:
Matching of packets has now been extended to allow more complex compares. In place of the address which is to be translated, an IP address and port number comparison can be made using the same expressions available with *ipf*.
I tried the following line in ipnat.rules:
map rl0 from 192.168.0.0/24 to any port=pop3 -> 0.0.0.0/32
But it didn’t help:
isrv# ipnat -CF -f /etc/ipnat.rules
0 entries flushed from NAT table
1 entries flushed from NAT list
isrv# ipnat -l
List of active MAP/Redirect filters:
map rl0 from 192.168.0.0/24 to any -> 0.0.0.0/32
List of active sessions:
As you can see, the active filter didn’t contain the port I need.
How can I specify the IP address and port number to be translated in ipnat.rules?
Or can I restrict NAT for all traffic to a specified network?