| ipnat.5 (60841) | ipnat.5 (92686) |
|---|---|
| 1.TH IPNAT 5 2.SH NAME 3ipnat, ipnat.conf \- IP NAT file format 4.SH DESCRIPTION 5The format for files accepted by ipnat is described by the following grammar: 6.LP 7.nf 8ipmap :: = mapblock | redir | map . 9 10map ::= mapit ifname ipmask "->" ipmask [ mapport ] . 11map ::= mapit ifname fromto "->" ipmask [ mapport ] . 12mapblock ::= "map-block" ifname ipmask "->" ipmask [ ports ] . | 1.TH IPNAT 5 2.SH NAME 3ipnat, ipnat.conf \- IP NAT file format 4.SH DESCRIPTION 5The format for files accepted by ipnat is described by the following grammar: 6.LP 7.nf 8ipmap :: = mapblock | redir | map . 9 10map ::= mapit ifname ipmask "->" ipmask [ mapport ] . 11map ::= mapit ifname fromto "->" ipmask [ mapport ] . 12mapblock ::= "map-block" ifname ipmask "->" ipmask [ ports ] . |
| 13redir ::= "rdr" ifname ipmask dport "->" ip [ "," ip ] [ ports ] options . | 13redir ::= "rdr" ifname ipmask dport "->" ip [ "," ip ] rdrport options . |
| 14 15dport ::= "port" portnum [ "-" portnum ] . 16ports ::= "ports" numports | "auto" . | 14 15dport ::= "port" portnum [ "-" portnum ] . 16ports ::= "ports" numports | "auto" . |
| 17rdrport ::= "port" portnum . |
|
| 17mapit ::= "map" | "bimap" . 18fromto ::= "from" object "to" object . 19ipmask ::= ip "/" bits | ip "/" mask | ip "netmask" mask . 20mapport ::= "portmap" tcpudp portnumber ":" portnumber . 21options ::= [ tcpudp ] [ rr ] . 22 23object = addr [ port-comp | port-range ] . 24addr = "any" | nummask | host-name [ "mask" ipaddr | "mask" hexnumber ] . --- 169 unchanged lines hidden (view full) --- 194.fi 195.PP 196For example, this would result in 172.192.0.0/24 being mapped to 209.1.2.0/32 197with each address, from 172.192.0.0 to 172.192.0.255 having 252 ports of its 198own. As opposed to the above use of \fBmap\fP, if for some reason the user 199of (say) 172.192.0.2 wanted 260 simultaneous connections going out, they would 200be limited to 252 with \fBmap-block\fP but would just \fImove on\fP to the next 201IP address with the \fBmap\fP command. | 18mapit ::= "map" | "bimap" . 19fromto ::= "from" object "to" object . 20ipmask ::= ip "/" bits | ip "/" mask | ip "netmask" mask . 21mapport ::= "portmap" tcpudp portnumber ":" portnumber . 22options ::= [ tcpudp ] [ rr ] . 23 24object = addr [ port-comp | port-range ] . 25addr = "any" | nummask | host-name [ "mask" ipaddr | "mask" hexnumber ] . --- 169 unchanged lines hidden (view full) --- 195.fi 196.PP 197For example, this would result in 172.192.0.0/24 being mapped to 209.1.2.0/32 198with each address, from 172.192.0.0 to 172.192.0.255 having 252 ports of its 199own. As opposed to the above use of \fBmap\fP, if for some reason the user 200of (say) 172.192.0.2 wanted 260 simultaneous connections going out, they would 201be limited to 252 with \fBmap-block\fP but would just \fImove on\fP to the next 202IP address with the \fBmap\fP command. |
| 203.SH FILES |
|
| 202/dev/ipnat 203.br 204/etc/services 205.br 206/etc/hosts 207.SH SEE ALSO 208ipnat(4), hosts(5), ipf(5), services(5), ipf(8), ipnat(8) | 204/dev/ipnat 205.br 206/etc/services 207.br 208/etc/hosts 209.SH SEE ALSO 210ipnat(4), hosts(5), ipf(5), services(5), ipf(8), ipnat(8) |