/sbin/natd portrange documentation and bugfix
Submitted by: Ruslan Ermilov <ru@ucb.crimea.ua> PR: 11690 3.2 candidate ?
This commit is contained in:
brian
parent
2f80c9ff33
commit
ff0afb282f
@ -1,5 +1,5 @@
|
||||
.\" manual page [] for natd 1.4
|
||||
.\" $Id: natd.8,v 1.16 1999/03/07 18:23:55 brian Exp $
|
||||
.\" $Id: natd.8,v 1.17 1999/04/08 23:15:31 eivind Exp $
|
||||
.Dd 15 April 1997
|
||||
.Os FreeBSD
|
||||
.Dt NATD 8
|
||||
@ -114,13 +114,19 @@ Only alter outgoing packets with an unregistered source address.
|
||||
According to rfc 1918, unregistered source addresses are 10.0.0.0/8,
|
||||
172.16.0.0/12 and 192.168.0.0/16.
|
||||
|
||||
.It Fl redirect_port Ar proto targetIP:targetPORT [aliasIP:]aliasPORT [remoteIP[:remotePORT]]
|
||||
Redirect incoming connections arriving to given port to another host and port.
|
||||
.It Fl redirect_port Ar proto targetIP:targetPORT[-targetPORT] [aliasIP:]aliasPORT[-aliasPORT] [remoteIP[:remotePORT[-remotePORT]]]
|
||||
Redirect incoming connections arriving to given port(s) to another host
|
||||
and port(s).
|
||||
Proto is either tcp or udp, targetIP is the desired target IP
|
||||
number, targetPORT is the desired target PORT number, aliasPORT
|
||||
is the requested PORT number and aliasIP is the aliasing address.
|
||||
number, targetPORT is the desired target PORT number or range, aliasPORT
|
||||
is the requested PORT number or range, and aliasIP is the aliasing address.
|
||||
RemoteIP and remotePORT can be used to specify the connection
|
||||
more accurately if necessary.
|
||||
The targetPORT range and aliasPORT range need not be the same numerically,
|
||||
but must have the same size.
|
||||
If remotePORT is not specified, it is assumed to be all ports.
|
||||
If remotePORT is specified, it must match the size of targetPORT, or be 0
|
||||
(all ports).
|
||||
For example, the argument
|
||||
|
||||
.Ar tcp inside1:telnet 6666
|
||||
@ -128,6 +134,12 @@ For example, the argument
|
||||
means that tcp packets destined for port 6666 on this machine will
|
||||
be sent to the telnet port on the inside1 machine.
|
||||
|
||||
.Ar tcp inside2:2300-2399 3300-3399
|
||||
|
||||
will redirect incoming connections on ports 3300-3399 to host
|
||||
inside2, ports 2300-2399.
|
||||
The mapping is 1:1 meaning port 3300 maps to 2300, 3301 maps to 2301, etc.
|
||||
|
||||
.It Fl redirect_address Ar localIP publicIP
|
||||
Redirect traffic for public IP address to a machine on the local
|
||||
network. This function is known as "static NAT". Normally static NAT
|
||||
|
||||
@ -9,7 +9,7 @@
|
||||
*
|
||||
* Ari Suutari <suutari@iki.fi>
|
||||
*
|
||||
* $Id: natd.c,v 1.14 1999/03/30 10:11:21 brian Exp $
|
||||
* $Id: natd.c,v 1.15 1999/04/25 22:33:30 imp Exp $
|
||||
*/
|
||||
|
||||
#define SYSLOG_NAMES
|
||||
@ -1380,7 +1380,7 @@ void SetupPortRedirect (const char* parms)
|
||||
numLocalPorts = GETNUMPORTS(portRange);
|
||||
|
||||
/*
|
||||
* Extract public port and optinally address.
|
||||
* Extract public port and optionally address.
|
||||
*/
|
||||
ptr = strtok (NULL, " \t");
|
||||
if (!ptr)
|
||||
@ -1431,7 +1431,7 @@ void SetupPortRedirect (const char* parms)
|
||||
errx (1, "redirect_port: port ranges must be equal in size");
|
||||
|
||||
/* Remote port range is allowed to be '0' which means all ports. */
|
||||
if (numRemotePorts != numLocalPorts && numRemotePorts != 1 && remotePort != 0)
|
||||
if (numRemotePorts != numLocalPorts && (numRemotePorts != 1 || remotePort != 0)
|
||||
errx (1, "redirect_port: remote port must be 0 or equal to local port range in size");
|
||||
|
||||
for (i = 0 ; i < numPublicPorts ; ++i) {
|
||||
|
||||
Loading…
Reference in New Issue
Block a user