I'm trying to configure NAT on a SPARC Solaris 10 box. On the local network, I'm using gnomemeeting, which needs some ports NAT-ed.
I don't understand how I can write a rule for a range of ports. If I write:
antinea-root% echo "rdr eri0 0.0.0.0/0 port 30000:30010 -> 192.168.10.118 port 30000:30010" | ipnat -f -
syntax error error at ":", line 1
(eri0 is the external interface, and 192.168.10.118 is the machine executing gnomemeeting)
If you look at gnomemeeting's docs, they give something like:
# variables
OUT_DEV=EXTERNAL_INTERFACE (for example: ne0)
IN_NET=INTERNAL_NETWORK (for example: 192.168.0.0/24)
IN_DEV=YOUR_IP_OF_COMPUTER (for example: 192.168.0.3)
# for NAT'ing all connexion from local network to Internet
nat on $OUT_DEV from $IN_NET to any -> ($OUT_DEV) static-port
# special rules for forwarding
rdr on $OUT_DEV proto tcp from any to ($OUT_DEV) port 1720 -> $IN_DEV
rdr on $OUT_DEV proto tcp from any to ($OUT_DEV) port 30000:30010 -> $IN_DEV
rdr on $OUT_DEV proto udp from any to ($OUT_DEV) port 5000:5016 -> $IN_DEV
rdr on $OUT_DEV proto udp from any to ($OUT_DEV) port 5020:5023 -> $IN_DEV
But it doesn't work on ipf 4.0.2!
I also searched on phildev (http://www.phildev.net/ipf/IPFques.html#ques30):
map ext-interface int-address/24 -> ext-address/32 proxy port 1720 h323/tcp
but without success!
When I look at the man pages, ipnat (4):
redir ::= "rdr" ifname ipmask dport "->" ip [ "," ip ] rdrport rdroptions .
dport ::= "port" portnum [ "-" portnum ] .
What's the meaning of "-"?
Why is rdrport only rdrport ::= "port" portnum?
And what's the meaning of portnumber ::= number { numbers }?
Finally, I just want to redirect:
tcp 30000:30010
udp 5000:5016
udp 5020:5023
Thanks in advance,
gerard
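
Added example, not part of the original post: a small generator that rewrites pf-style `first:last` ranges into rdr rules shaped like the ipnat(4) grammar quoted above, where `dport` joins the two ends of a range with "-" and `rdrport` is a single port. The function names are hypothetical. Two assumptions: the single `rdrport` is set to the first port of the range, and the trailing `tcp`/`udp` keyword is the protocol option of ipnat's `rdroptions`, which the post does not expand.

```shell
#!/bin/sh
# Added example: turn pf-style "first:last" port ranges into ipnat rdr rules
# shaped like the ipnat(4) grammar quoted in the post.

# is_port N: succeeds when N is a decimal port number in 1..65535.
is_port() {
    case "$1" in
        ''|*[!0-9]*) return 1 ;;
    esac
    [ "${#1}" -le 5 ] && [ "$1" -ge 1 ] && [ "$1" -le 65535 ]
}

# rdr_rule IFNAME PROTO RANGE TARGET: print one rdr rule.
# RANGE is "first:last" (pf notation) or a single port such as 1720.
rdr_rule() {
    ifname=$1 proto=$2 range=$3 target=$4
    case "$proto" in
        tcp|udp) ;;
        *) echo "rdr_rule: bad protocol '$proto'" >&2; return 1 ;;
    esac
    first=${range%%:*}
    last=${range##*:}
    if ! is_port "$first" || ! is_port "$last" || [ "$first" -gt "$last" ]; then
        echo "rdr_rule: bad port range '$range'" >&2
        return 1
    fi
    # dport ::= "port" portnum [ "-" portnum ]  -> "-" separates the range ends
    if [ "$first" -eq "$last" ]; then dport="port $first"; else dport="port $first-$last"; fi
    # rdrport ::= "port" portnum  -> a single port; assumption: the range start.
    # The trailing protocol keyword belongs to rdroptions (not expanded in the post).
    printf 'rdr %s 0.0.0.0/0 %s -> %s port %s %s\n' \
        "$ifname" "$dport" "$target" "$first" "$proto"
}

# The three ranges asked for in the post (interface and address from the post).
gnomemeeting_rules() {
    rdr_rule eri0 tcp 30000:30010 192.168.10.118 &&
    rdr_rule eri0 udp 5000:5016 192.168.10.118 &&
    rdr_rule eri0 udp 5020:5023 192.168.10.118
}

gnomemeeting_rules   # review the output, then pipe it to: ipnat -f -
```

Each rule forwards only the listed ports and protocol to the one internal host, so the exposed surface stays limited to what the application needs.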
