xref: /titanic_44/usr/src/cmd/ipf/examples/nat.eg (revision 7c478bd95313f5f23a4c958a745db2134aa03244) 
1*7c478bd9Sstevel@tonic-gate# map all tcp connections from 10.1.0.0/16 to 240.1.0.1, changing the source
2*7c478bd9Sstevel@tonic-gate# port number to something between 10,000 and 20,000 inclusive.  For all other
3*7c478bd9Sstevel@tonic-gate# IP packets, allocate an IP # between 240.1.0.0 and 240.1.0.255, temporarily
4*7c478bd9Sstevel@tonic-gate# for each new user.
5*7c478bd9Sstevel@tonic-gate#
6*7c478bd9Sstevel@tonic-gatemap ed1 10.1.0.0/16 -> 240.1.0.1/32 portmap tcp 10000:20000
7*7c478bd9Sstevel@tonic-gatemap ed1 10.1.0.0/16 -> 240.1.0.0/24
8*7c478bd9Sstevel@tonic-gate#
9*7c478bd9Sstevel@tonic-gate# Redirection is triggered for input packets.
10*7c478bd9Sstevel@tonic-gate# For example, to redirect FTP connections through this box, to the local ftp
11*7c478bd9Sstevel@tonic-gate# port, forcing them to connect through a proxy, you would use:
12*7c478bd9Sstevel@tonic-gate#
13*7c478bd9Sstevel@tonic-gaterdr ed0 0.0.0.0/0 port ftp -> 127.0.0.1 port ftp
14*7c478bd9Sstevel@tonic-gate#
15