Mipam wrote:
Hi All,
A small internal network is defined to be able to send traffic outside:
outside = "{ a.b.c.d }"
special = "{ 10.23.145.10 }"
internal = "{ 10.23.145.0/24, !10.23.145.10 }"
nat on fxp0 from $internal to any -> $outside
binat on fxp0 from $special to any -> $outside
Meaning of this is that i do with natting and portmapping on all normal
connections, but only the host 10.23.145.10 should not be portmapped.
Actually i wish it more specified, only source port 5555 from $special
should not be portmapped, the rest doesnt matter. Is such possible or
should i stick to this?
Bye,
Mipam.
Hi Mipam
Have you tried a table of "internal" as it wont handle the negated
address and expand it in the same way as the macro.
/Per-Olov
