tech-net: Re: RDR Question

Subject: Re: RDR Question
To: None <tech-net@netbsd.org>
From: Pavel Cahyna <pavel@netbsd.org>
List: tech-net
Date: 04/26/2006 19:23:16

On Wed, Apr 26, 2006 at 06:40:35AM +0200, Ignatios Souvatzis wrote:
> Hi,
> 
> On Wed, Apr 26, 2006 at 01:39:09AM +0200, Pavel Cahyna wrote:
> > On Mon, Apr 24, 2006 at 01:42:09PM +0200, shadow123@gmx.net wrote:
> 
> > > Can IPF do source-based (ip and port) rdr in ipnat?
> > 
> > It at least accepts the syntax like
> > 
> > rdr ex0 from 10.0.0.1 to 10.0.0.2 port = 50 -> 10.0.0.2 port 60
> 
> Ahem... that's the _destination_ port.

Yes, but the address 10.0.0.1 is the source address, which answers a part of
the original question.

ipnat accepts even

rdr ex0 from 10.0.0.1 port = 666 to 10.0.0.2 port = 50 -> 10.0.0.2 port 60

Pavel