Subject: Re: Inverse NAT mapping?
To: Jon Lindgren <jlindgren@espus.com>
From: Manuel Bouyer <bouyer@antioche.lip6.fr>
List: netbsd-help
Date: 06/05/2000 21:43:11

On Mon, Jun 05, 2000 at 12:46:57PM -0400, Jon Lindgren wrote:
> I've been looking at ipfilter, wondering if it can do this:
>
> I've a private segment, connected via a NetBSD machine to a public
> segment. NAT has been configured, everything is dandy. Private segment
> gets NAT'ed, gets to the public segment, everything is smiles.
>
> Now, I have a server which sits on the private segment (due to lack of IP
> space). This server, however, only serves web traffic. I'd like to
> redirect one port of my public server (say, port 8080) to port 80 on
> the private server. In this way, I'm kind of hoping to inverse NAT for
> _only one port_ (i.e. mapping many public hosts to one private address).
>
> Using the rdr keyword seems that only the dest address is rewritten, so
> the syn gets redirected. The ack, however, doesn't, so the address is
> rdr'ed coming in, and NAT'ed going back out. So it doesn't work for me.

rdr should work; I've used it for this exact purpose in the past.
--
Manuel Bouyer <bouyer@antioche.eu.org>
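Added example, not part of either poster's message and not ipfilter's own code: a simplified Python model of a stateful NAT session table, showing how a reply on a redirected connection gets the reverse rewrite from the session entry the rdr created rather than from the many-to-one map. The addresses, the client port and the rule in the comment are constructed for illustration.

```python
# Simplified model of a NAT box's session table (not ipfilter's implementation).
# All addresses and rule values are constructed for illustration.
from typing import NamedTuple

class Packet(NamedTuple):
    src: str
    sport: int
    dst: str
    dport: int

PUBLIC_IP = "203.0.113.1"      # NAT box, public side (constructed)
PRIVATE_WEB = "192.168.1.10"   # web server on the private segment (constructed)
# Models an ipnat.conf rule of the form:
#   rdr <ext-if> 203.0.113.1/32 port 8080 -> 192.168.1.10 port 80 tcp
RDR = {(PUBLIC_IP, 8080): (PRIVATE_WEB, 80)}

class NatBox:
    def __init__(self):
        # key: (client ip, client port, private ip, private port)
        # value: the (public ip, public port) the client originally addressed
        self.sessions = {}

    def inbound(self, p):
        """Packet arriving on the public interface."""
        target = RDR.get((p.dst, p.dport))
        if target is None:
            return p  # no rdr rule matches; left unchanged
        self.sessions[(p.src, p.sport, *target)] = (p.dst, p.dport)
        return p._replace(dst=target[0], dport=target[1])

    def outbound(self, p):
        """Packet leaving toward the public segment."""
        orig = self.sessions.get((p.dst, p.dport, p.src, p.sport))
        if orig is not None:
            # Reply on a redirected connection: undo the rdr on the source side.
            return p._replace(src=orig[0], sport=orig[1])
        # Ordinary outbound connection: many-to-one map
        # (source-port rewriting is omitted in this model).
        return p._replace(src=PUBLIC_IP)

def demo():
    box = NatBox()
    syn = Packet("198.51.100.7", 40000, PUBLIC_IP, 8080)  # constructed client
    fwd = box.inbound(syn)
    syn_ack = Packet(fwd.dst, fwd.dport, fwd.src, fwd.sport)  # server's reply
    return fwd, box.outbound(syn_ack)

if __name__ == "__main__":
    print(demo())
```

The client sees the reply coming from port 8080 on the public address, the same endpoint it sent the SYN to. This only holds when the private server's replies are routed back through the NAT box.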