Subject: Re: is this a job for ipnat?
To: Darren Reed <firstname.lastname@example.org>
From: None <email@example.com>
Date: 12/05/1999 14:15:23

On Sun, Dec 05, 1999 at 09:46:26PM +1100, Darren Reed wrote:
> rdr supports matching the source and destination address - but not in
> the version used by 1.4/1.4.1 (3.2.10). Anything post 3.2.10 will have
> it in, and it is used as:
> rdr <if> from <ip>/<mask> <ip>/<mask> port <port> -> <ip> port <port> tcp
> You only have to worry about things `expiring' if you're using filtering
> (keep state) as the nat entries will just get recreated.

hmm... just took a wander through the code. What's the bimap stuff?
It looks like that might be the solution.
rdr portion handles packets from the outside, like a normal rdr rule.
map portion, since you could have one port specified, does the
appropriate mapping for packets from the inside. (packets get mapped
into one port instead of into a range as with a normal map rule?) Am I reading
the code correctly?
What's the format for a bimap line in ipnat.conf? I've got to be
reading the code for ipnat.c wrong: it appears to me it should look just
like a rdr line but I get a "missing fields (netmask)" error.