Subject: Re: Configuring IPNat
To: James Webster <James3838@tsi-net.com>
From: Frederick Bruckman <fb@enteract.com>
List: netbsd-help
Date: 07/28/1999 05:12:33
On Wed, 28 Jul 1999, James Webster wrote:
> Still not working... so I'm taking a different approach..
> I have an extra IP, so I want to do a 1:1 mapping. I've added the IP to
> ifaliases, and want to confirm the following mapping makes sense.
That's making more sense than your earlier plan...
> rdr ep0 10.0.0.1/0 -> a.b.c.d/0 # changes source from 10.0.0.1 to
> a.b.c.d to all external (internet) ports
> map ne1 a.b.c.d/0 -> 10.0.0.1/0 # changes destination from a.b.c.d to
> 10.0.0.1 for all ports
The comment doesn't sound quite right. On any particular interface,
"rdr" rewrites the destination of the incoming packets; whereas "map"
rewrites the source addr of outgoing packets. I forgot already which
interface is external and which is internal, but it sounds like you're
getting close.
Remember that you can enter and delete rules interactively. If you can
open a bunch of telnet sessions, or xterms, just run "ipnat -f -" in
one, "ipnat -rf -" in another, and repeat "ipnat -l" in a third. Or
you can clear all the rules with "ipnat -l | ipnat -rf -", and then
enter new ones with "ipnat -f -". Ipfilter ("ipf") works along the
same lines.
Here's some references:
The IP-Filter Home Page
<http://coombs.anu.edu.au/~avalon/ip-filter.html>
The NAT FAQ
<http://radon.moof.ai.mit.edu/~armenb/ipnat.html>
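
The direction rule stated in the reply above (rdr rewrites the destination of packets coming in on an interface, map rewrites the source of packets going out on it), as an added example that is not part of the original message and is not ipnat code. It is a toy model with simplified host-only rules; the interface name ext0 and the addresses 192.0.2.10 (standing in for a.b.c.d) and 198.51.100.7 are constructed assumptions.

```python
"""Toy model of the rdr/map direction semantics; not ipnat itself.
Rule syntax is simplified to single host addresses (no masks or ports)."""
from dataclasses import dataclass, replace

@dataclass(frozen=True)
class Packet:
    iface: str      # interface the packet is crossing
    direction: str  # "in" or "out" relative to that interface
    src: str
    dst: str

def parse_rule(line):
    """Parse 'rdr|map IFACE FROM -> TO', ignoring any '# comment'."""
    kind, iface, match, arrow, target = line.split("#")[0].split()
    if kind not in ("rdr", "map") or arrow != "->":
        raise ValueError(f"unsupported rule: {line!r}")
    return kind, iface, match, target

def translate(rules, pkt):
    """Apply the first matching rule; unmatched packets pass unchanged."""
    for kind, iface, match, target in rules:
        if iface != pkt.iface:
            continue
        # rdr: destination of packets coming IN on the interface
        if kind == "rdr" and pkt.direction == "in" and pkt.dst == match:
            return replace(pkt, dst=target)
        # map: source of packets going OUT on the interface
        if kind == "map" and pkt.direction == "out" and pkt.src == match:
            return replace(pkt, src=target)
    return pkt

# Constructed values: ext0 is a hypothetical external interface, 192.0.2.10
# stands in for the spare address "a.b.c.d", 198.51.100.7 is a remote host.
RULES = [parse_rule(line) for line in (
    "map ext0 10.0.0.1 -> 192.0.2.10   # outbound: rewrite the source",
    "rdr ext0 192.0.2.10 -> 10.0.0.1   # inbound: rewrite the destination",
)]

def one_to_one():
    """One outbound packet and one new inbound connection through RULES."""
    out = translate(RULES, Packet("ext0", "out", "10.0.0.1", "198.51.100.7"))
    inbound = translate(RULES, Packet("ext0", "in", "198.51.100.7", "192.0.2.10"))
    return out, inbound

if __name__ == "__main__":
    for pkt in one_to_one():
        print(pkt)
```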