Thanks Bart!
It almost works... Now it seems to redirect ALL traffic with a dest
port of 22 to port 1000, not just traffic from 10.1.1.1. My files look
like this:
ipnet.conf:
rdr e1000g1 0.0.0.0/0 port 22 -> 192.168.1.1 port 1000 tcp
ipf.conf:
block in on e1000g1 all
pass in on e1000g1 proto tcp from 10.1.1.1 to 192.168.1.1 port = 22
flags S keep state
pass in on e1000g1 all
Maybe I made a typo somewhere?
Cheers,
erich
Bart Smaalders wrote:
Erich Weiler wrote:
Hey all-
I've got a very specific port forwarding setup I'd like to implement,
but I can't seem to find the exact syntax to do it. I'm on OpenSolaris.
What I want to do is achieved by NAT I think. I need a rule such that:
If a TCP packet comes in with a SOURCE IP of 10.1.1.1 and a
DESTINATION port of 22
Then..
Forward it to 192.168.1.1 on port 1000
??
I see the rdr directive, but it doesn't seem to allow for specifying a
'source' IP address and 'destination' port in packet matching portion
of the rule, it looks like the end of the rule should be "->
192.168.1.1 port 1000" I think...
Quickly browsed the archives but couldn't find this, nor could I find
an example in the documentation... Any hints?
Thanks!
I think this will do what you want:
In ipnat.conf:
rdr (external interface) 0.0.0.0/0 port 22 -> 192.168.1.1 port 1000 tcp
In ipf.conf:
block in on (external interface) all
...
pass in on (external interface) proto tcp from 10.1.1.1 to 192.168.1.1
port 22 flags S keep state
- Bart
