--- On Wed, 9/17/08, Martin Toft <[EMAIL PROTECTED]> wrote:
> You could do something like this if the local daemon
> listens on port
> 10000:
>
> ext_if="lo0"
> ext_ip1="192.168.0.2"
> ext_ip2="192.168.0.3"
> host1="10.0.0.2"
> host2="10.0.0.3"
>
> binat on $ext_if from $host1 to any -> $ext_ip1
> nat on $ext_if from $host2 to any -> $ext_ip2
> rdr on $ext_if inet proto tcp from any to $ext_ip2 port
> 1:9999 -> $host2
> rdr on $ext_if inet proto tcp from any to $ext_ip2 port
> 10001:65535 -> $host2
> rdr on $ext_if inet proto udp from any to $ext_ip2 ->
> $host2
> rdr on $ext_if inet proto icmp from any to $ext_ip2 ->
> $host2
Thanks very much for your solution. If I use static-port with the nat, then
these rules essentially construct a binat with the exception as I described.
Looks like this is the way I will have to go to accomplish what I asked for.
Cheers.
