I have a FreeBSD router box running IPF/IPNAT. With the advent of viruses that have their own SMTP engines, I would like to capture any traffic going out from the internal LAN to port 25 and redirect it to port 25 of my router. I believe this is the equivalent of "reverse port mapping", if I can call it that. How do I redirect this using ipnat? Right now I have the following in my /etc/ipnat.rules:

    map rl0 10.0.0.0/24 -> 0.0.0.0/32 portmap tcp/udp auto
    map rl0 10.0.0.0/24 -> 0.0.0.0/32
    ....

rl0 being my oif, and xl0 being iif. Given that my iip is 10.0.0.2, I would like to do this:

    rdr xl0 0.0.0.0/24 port 25 -> 10.0.0.2 port 25

The problem is 10.0.0.2 is a subset of 0.0.0.0/24. Shall I redirect then to the external IP instead? I am damn confused with this IPNAT stuff ;)

-Wash

-- 
Odhiambo Washington, Wananchi Online Ltd. www.wananchi.com
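
The matching behind the rdr rule in the question, as an added example that is not part of the original post: a simplified Python model (an assumption of this example, not ipnat's own code) of how a rule of the form "rdr <if> <dst>/<mask> port N -> <ip> port M" selects packets by inbound interface, destination network and destination port. The /0 variant of the rule, the helper names and the 192.0.2.25 destination are constructed for illustration.

```python
import ipaddress
import re
from typing import NamedTuple, Tuple


class RdrRule(NamedTuple):
    ifname: str                       # interface the packet arrives on
    dst_net: ipaddress.IPv4Network    # destination address/mask to match
    dst_port: int                     # destination port to match
    new_ip: str                       # rewritten destination address
    new_port: int                     # rewritten destination port


# Only the simple form used in the post is modelled; a trailing protocol
# keyword (e.g. "tcp") is accepted and ignored.
RDR_RE = re.compile(
    r"^rdr\s+(\S+)\s+(\S+)\s+port\s+(\d+)\s+->\s+(\S+)\s+port\s+(\d+)(?:\s+\S+)?$"
)


def parse_rdr(line: str) -> RdrRule:
    m = RDR_RE.match(line.strip())
    if not m:
        raise ValueError(f"unsupported rdr rule: {line!r}")
    ifname, net, port, new_ip, new_port = m.groups()
    ipaddress.ip_address(new_ip)  # validate the rewrite target
    return RdrRule(ifname, ipaddress.ip_network(net), int(port),
                   new_ip, int(new_port))


def redirect(rule: RdrRule, in_if: str, dst_ip: str, dst_port: int) -> Tuple[str, int]:
    """Return the (ip, port) a packet is delivered to after the rule is applied."""
    if (in_if == rule.ifname
            and dst_port == rule.dst_port
            and ipaddress.ip_address(dst_ip) in rule.dst_net):
        return rule.new_ip, rule.new_port
    return dst_ip, dst_port


if __name__ == "__main__":
    posted = parse_rdr("rdr xl0 0.0.0.0/24 port 25 -> 10.0.0.2 port 25")
    any_dst = parse_rdr("rdr xl0 0.0.0.0/0 port 25 -> 10.0.0.2 port 25")  # constructed variant
    # Constructed packets arriving from the LAN on xl0.
    for dst in [("192.0.2.25", 25), ("10.0.0.2", 25), ("192.0.2.25", 80)]:
        print(dst, "/24 ->", redirect(posted, "xl0", *dst),
              "| /0 ->", redirect(any_dst, "xl0", *dst))
```

In this model a /24 mask on 0.0.0.0 covers only 0.0.0.0 through 0.0.0.255, while /0 covers every destination, including 10.0.0.2 itself, which is then rewritten to the same address and port.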