Subject: Trying to redirect outgoing nat connections
To: None <netbsd-users@netbsd.org>
From: Chris Lloyd <strawberry@toth.org.uk>
List: netbsd-users
Date: 11/03/2003 23:33:56

Hiya,

I'm trying to write an ipnat rule to redirect traffic going out of the
private net onto the internet so that outgoing port 80 would be transparently
redirected to a proxy server.

I started with an rdr rule,

rdr ex0 192.168.0.0/24 port 80 -> 192.168.0.254 port 8080

but that never seemed to match any packets; the packets were just allowed
straight through, so I thought I'd try a map rule.

I tried something like:

map ex0 from 192.168.0.0/24 to 0.0.0.0/32 port = 80 -> 192.168.0.254/32 port 80

but this doesn't work, and the grammar in ipnat.conf(5) seems to be missing
the definitions for 'port-num' and 'compare', so I'm not sure if what I'm doing
is even right now.

The rest of my ipnat.conf is:

map ex0 192.168.0.0/24 -> 0.0.0.0/32 portmap tcp/udp 40000:60000
map ex0 192.168.0.0/24 -> 0.0.0.0/32

Thanks for any help,

 - Chris

--
strawberry@toth.org.uk
http://www.toth.org.uk/~strawberry