[prev in list] [next in list] [prev in thread] [next in thread] 

List:       ipfilter
Subject:    NAT redirect syntax
From:       Rick Byers <rickb () iaw ! on ! ca>
Date:       1999-05-24 16:59:26
[Download RAW message or body]

Hi,
The ipnat(5) manpage (from 3.2.11beta10) gives the following syntax for
the rdr command:

 redir ::= "rdr" ifname [ fromspec ] ipmask "->" ip [ ports ] .
 ports ::= "ports" numports | "auto" .
 ipmask ::= ip "/" bits | ip "/" mask | ip "netmask" mask .   
 fromspec ::= "from" ip "/" ipmask .

i.e.:
 "rdr le0 x.x.x.x/32 -> x.x.x.x ports 7 8 9"

but this doesn't seem to be the same syntax as what I've been using, or
what the examples show:

  "rdr ed0 0.0.0.0/0 port ftp -> 127.0.0.1 port ftp"

Are both syntaxes valid?  If the "ports" syntax is used, does it just
redirect port n to port n for each n specified in the port list?  If
this syntax does work, it would make my config files a lot smaller (I
have about a hundread entries to redirect port x to port x).  Is this
syntax purely a 3.2.11 thing, or did it work in 3.2.10 also (there seems
to be a lack of examples and documentation about the rdr command).

In any case, the ipnat(5) manpage, or the example (nat.eg) need to be
corrected.

Thanks,
	Rick

 
-- 
=========================================================================
Rick Byers                       University of Waterloo, Computer
Science
rickb@iaw.on.ca                              
http://www.iaw.on.ca/rickb/

[prev in list] [next in list] [prev in thread] [next in thread]