xref: /onnv-gate/usr/src/cmd/ipf/examples/nat.eg (revision 0:68f95e015346) 
1*0Sstevel@tonic-gate# map all tcp connections from 10.1.0.0/16 to 240.1.0.1, changing the source
2*0Sstevel@tonic-gate# port number to something between 10,000 and 20,000 inclusive.  For all other
3*0Sstevel@tonic-gate# IP packets, allocate an IP # between 240.1.0.0 and 240.1.0.255, temporarily
4*0Sstevel@tonic-gate# for each new user.
5*0Sstevel@tonic-gate#
6*0Sstevel@tonic-gatemap ed1 10.1.0.0/16 -> 240.1.0.1/32 portmap tcp 10000:20000
7*0Sstevel@tonic-gatemap ed1 10.1.0.0/16 -> 240.1.0.0/24
8*0Sstevel@tonic-gate#
9*0Sstevel@tonic-gate# Redirection is triggered for input packets.
10*0Sstevel@tonic-gate# For example, to redirect FTP connections through this box, to the local ftp
11*0Sstevel@tonic-gate# port, forcing them to connect through a proxy, you would use:
12*0Sstevel@tonic-gate#
13*0Sstevel@tonic-gaterdr ed0 0.0.0.0/0 port ftp -> 127.0.0.1 port ftp
14*0Sstevel@tonic-gate#
15