ipnat syntax error?
Juergen Heberling
pjah at hicom.net
Sun Apr 2 02:09:47 UTC 2006
Erik Nørgaard wrote:
> Juergen Heberling wrote:
>> Could someone please check me on this ...
>>
>> fw1# ipnat -CFn -f /etc/ipnat.rules
>> 0 entries flushed from NAT table
>> 1 entries flushed from NAT list
>> syntax error error at "-", line 1
>>
>> /etc/ipnat.rules contains:
>> map em0 192.168.1.0/24 -> 204.134.75.1-10
>> .. snip ..
>>
>> line 1 in the rules file is the example from the FreeBSD handbook.
>> I'm running FreeBSD6.0 stable.
>
> It seems to be a documentation bug, the ipf-howto.txt distributed with
> ipfilter makes no mention of that notation, instead you should use cidr
> notation, for example
>
> 204.134.75.0/29
>
> Erik
>
>
Erik,
Thank you for the quick response.
I tried your suggestion of using the cidr notation format and that work;
thank you!
However I am concerned about overlapping mappings in the cidr range with
host-to-host maps - my cidr range is a /28, for example,
and I want to map (spoof) some IP address in the middle to, say the web
or mail servers. In order to avoid the overlap I was counting on the
"range" specification on the map command.
TIA for any suggestions.
Juergen
More information about the freebsd-questions
mailing list