Subject: Re: The NAT solution
To: Cy Schubert - ITSD Open Systems Group <Cy.Schubert@uumail.gov.bc.ca>
From: Frank Volf <volf@oasis.IAEhv.nl>
List: tech-security
Date: 07/23/2001 16:07:28

Cy Schubert - ITSD Open Systems Group wrote:
> In message <3B5B49DC.2606DAA8@miltonstreet.com>, Sam Carleton writes:
> > If you were not following along with the problem I had, the rdr rules
> > in my nat file were not working.  Someone sent me a private email that
> > resolved the problem.   I had:
> > 
> > rdr iy0 0/32 port 443 -> 192.168.0.x port ??? tcp
> > 
> > But 0/32 is not valid in a rdr, I had to use the real ip address.  Now I
> > simply need to write a script that will update the nat table every time
> > my IP changes...
> > 
> > I am off to do some dhclient_script hacking!
> 
> You don't need to hack anything.  Here is an example from one of the 
> firewalls I manage.
> 
> rdr xl0 0/0 port 25 -> 10.1.2.3 port 25 tcp

Yeah.. but this redirects all incoming traffic with destination port 25 to
another box. That is something different from what Sam tries to achieve,
namely redirecting traffic to the DHCP-assigned IP address of the external
interface of his firewall to another host.

Frank
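
Added example, not part of the original thread and not code from any of its authors: a dhclient exit-hook sketch that rewrites the rdr rule with the leased address as a /32 match, so only traffic addressed to the firewall's own external IP is redirected. The `@EXT_IP@` placeholder, the template path, `NAT_RELOAD`, the function names and the constructed template line are assumptions; it also assumes dhclient-script sets `$reason`, `$interface` and `$new_ip_address` before sourcing the hook.

```shell
#!/bin/sh
# Hypothetical names (not from the thread): the @EXT_IP@ placeholder, the
# template path, NAT_RELOAD, and this constructed template line:
#   rdr iy0 @EXT_IP@ port 443 -> 192.168.0.10 port 443 tcp
: "${EXT_IF:=iy0}"                         # external interface, as in Sam's rule
: "${NAT_TEMPLATE:=/etc/ipnat.conf.in}"    # assumed template location
: "${NAT_RULES:=/etc/ipnat.conf}"          # assumed rule file location
: "${NAT_RELOAD:=ipnat -CF -f}"            # clear rules, flush mappings, load file

# Succeed only for a dotted quad with every octet in 0..255.
is_ipv4() {
    case "$1" in
        ""|*[!0-9.]*|*..*|.*|*.) return 1 ;;
    esac
    old_ifs=$IFS; IFS=.; set -- $1; IFS=$old_ifs
    [ "$#" -eq 4 ] || return 1
    for octet in "$@"; do
        [ "${#octet}" -le 3 ] && [ "$octet" -le 255 ] || return 1
    done
    return 0
}

# Print the template with @EXT_IP@ replaced by <address>/32. Anything that is
# not a plain IPv4 address is refused, so a malformed lease value never reaches
# the rule file.
render_rules() {   # usage: render_rules <template-file> <address>
    is_ipv4 "$2" || { echo "render_rules: bad address: $2" >&2; return 1; }
    sed "s|@EXT_IP@|$2/32|g" "$1"
}

# Exit-hook body: act only on lease events for the external interface, write
# the new rule file atomically, then reload it.
nat_hook() {
    [ "${interface:-}" = "$EXT_IF" ] || return 0
    case "${reason:-}" in
        BOUND|RENEW|REBIND|REBOOT) ;;
        *) return 0 ;;
    esac
    tmp="$NAT_RULES.new"
    render_rules "$NAT_TEMPLATE" "${new_ip_address:-}" > "$tmp" ||
        { rm -f "$tmp"; return 1; }
    mv "$tmp" "$NAT_RULES" && $NAT_RELOAD "$NAT_RULES"
}

nat_hook
```

Run outside dhclient, the final call does nothing because `$interface` is unset.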