Current-Users archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

Re: IPFilter issue in -current

On 8/01/2013 2:48 PM, Geoff Adams wrote:
...
> 
> In the meantime, I think I understand why I see so many ipf_nat_newrdr 
> failures.
> I'm not sure if it's an algorithmic problem, or if I just need to write 
> better rules.
> 
...
> map wm0 192.168.10.0/24 -> 0/32
> 
> rdr wm0 7.8.9.10/32 port 56789 -> 192.168.10.11 port 56789 tcp/udp

Lets try with better rules to start with and replace the map rule with these
two map rules:

map wm0 192.168.10.0/24 -> 0/32 portmap 10001-49151 tcp/udp
map wm0 192.168.10.0/24 -> 0/32

Darren
Home | Main Index | Thread Index | Old Index