> On Mon, Jun 05, 2000 at 12:46:57PM -0400, Jon Lindgren wrote:
> > I've been looking at ipfilter, wondering if it can do this:
> > 
> > I've a private segment, connected via a NetBSD machine to a public
> > segment.  NAT has been configured, everything is dandy.  Private segment
> > gets NAT'ed, gets to the public segment, everything is smiles.
> > 
> > Now, I have a server which sits on the private segment (due to lack of IP
> > space).  This server, however, only serves web traffic.  I'd like to
> > redirect one port of my public server (say, port 8080) to port 80 on
> > the private server.  In this way, I'm kind of hoping to inverse NAT for
> > _only one port_ (i.e. mapping many public hosts to one private address).
> > 
> > Using the rdr keyword seems that only the dest address is rewritten, so
> > the syn gets redirected.  The ack, however, doesn't, so the address is
> > rdr'ed coming in, and NAT'ed going back out.  So it doesn't work for me.
> 
> rdr should work; I've used it for this exact purpose in the past.

Here's a me too for this note. =]

marc