ipnat.5 - OpenGrok cross reference for /freebsd/sbin/ipf/ipnat/ipnat.5

Lines Matching full:rules
8 file is used to specify rules for the Network Address Translation (NAT)
9 component of IPFilter.  To load rules specified in the
20 In general, all NAT rules conform to the following layout:
56 rules.  Both the source address and optionally port number can be changed
137 To specify translation rules that impact a specific IP protocol,
154 rules like this:
187 rules.
223 To associate NAT rules with filtering rules, it is possible to set and
228 rules, we can match tags set by filter rules like this:
234 This would be used with "pass out" rules that includes a stanza such
246 in rules for
262 rules exists, called
286 rules discussed above and
288 rules discussed below.  A simple example is as follows:
316 thus is looked at last, after any rules with /16's or /24's in them,
326 rules is supported, there are differences and limitations.
328 Firstly, by default all redirection rules target a single IP address, not
346 rules can be used with rdr rules, along with negation, however the
381 If there are a large number of redirect rules and hosts being targeted
427 rules, it is possible to manually set a timeout using the
437 rules and outbound sessions.  Proxies can also be used with redirect
438 rules, although the syntax is slightly different:
446 rules, the interfaces supplied are in the same order as
448 rules - input first, then output.  In situations where the outgoing interface
470 NAT rules.
489 into the packet being sent out.  As with other rules used in
539 rules, it is possible to specify a range of addresses by including the word
552 Divert rules can be used with both inbound and outbound packet
585 This section deals with options that are available with all rules.
590 is removed as an individual operation. If all of the NAT rules
593 NAT rules are flushed out.
596 Rules in
610 has the following rules:
621 it appears in the ordering of the above rules.  In fact, the order in
638 rules and destination address for
640 rules), then the ordering in the
652 address can also be used. All rules must use either IPv4 addresses with